Académique Documents
Professionnel Documents
Culture Documents
Page 1
Legal Notice
This document summarizes EMVCos present plans for type approval testing services and policies and is subject to change by EMVCo at any time without notice to any party. Neither this document nor any other document or communication creates any binding obligations upon EMVCo or any third party regarding testing services or EMVCo approval, which obligations will exist, if at all, pursuant to separate written agreements executed by EMVCo and such third parties. In the absence of a written binding agreement pursuant to which EMVCo has agreed to perform testing services for a vendor or to permit a third party to act as a test laboratory, no vendor, test laboratory nor any other third party should detrimentally rely on this document, nor shall EMVCo be liable for any such reliance.
No vendor, test laboratory nor other third party may refer to a product, service or facility as EMVCo approved, in form or in substance, nor otherwise state or imply that EMVCo (or any agent of EMVCo) has in whole or part approved a vendor, test laboratory or other third party or its products, services, or facilities, except to the extent and subject to the terms, conditions and restrictions expressly set forth in a written agreement with EMVCo, or in an approval letter issued by EMVCo. All other references to EMVCo approval are strictly and actively prohibited by EMVCo.
Under no circumstances should EMVCo type approval, when granted, be construed to imply any endorsement or warranty regarding the functionality, quality, or performance of any particular product or service, and no party shall state or imply anything to the contrary. EMVCo specifically disclaims any and all representations and warranties with respect to products that have received approval and to the type approval process generally, including, without limitation, any implied warranties of merchantability, fitness for purpose or noninfringement. All rights and remedies relating to products and services that have received EMVCo type approval are provided solely by the parties selling or otherwise providing such products or services, and not by EMVCo, and EMVCo accepts no liability whatsoever in connection with such products and services. Unless otherwise agreed in writing by EMVCo, this document and matter contained herein, including all products and services contemplated by this document are provided on an as-is basis, with all faults and with no warranties whatsoever, and EMVCo specifically disclaims any implied warranties of merchantability, fitness for purpose, or noninfringement.
Page 2
Version History
Revision Description Initial Publication Test conformance with EMV2000 ICC Specification for Payment Systems Version 4.0 dated December, 2000.
Page 3
Table of Content
SCOPE ......................................................................................................................................................... 20 REFERENCED DOCUMENTS................................................................................................................. 21 ABBREVIATIONS AND NOTATIONS ................................................................................................... 22 GLOBAL GLOSSARY............................................................................................................................... 24 COMMAND SYNTAX ............................................................................................................................... 35 2CS.001.00 2CS.002.00 2CS.003.00 2CS.004.00 2CS.005.00 2CS.006.00 2CS.007.00 Mandatory Command Set............................................................................................... 36 Select Next Command..................................................................................................... 38 Internal Authenticate Command..................................................................................... 40 Verify Command............................................................................................................. 42 Get Challenge................................................................................................................. 44 Get Data ......................................................................................................................... 46 External Authenticate ..................................................................................................... 48
ICC SPECIFICATION FOR PAYMENT SYSTEM, TEST CASE DESCRIPTION ........................... 50 BOOK 3 PART 1 - DATA ELEMENT AND COMMANDS ...................................................................................... 50 2CA.001.03 Data elements Storage .................................................................................................. 50 2CA.001.00 Coding and Allocation of Tags ..................................................................................... 51 2CA.001.04 Coding of Length in TLV .............................................................................................. 52 2CA.002.00 Mapping of data objects into records ............................................................................ 52 2CA.004.00 Retrieval of DIR file....................................................................................................... 53 2CA.007.00 Processing Options Data Object List (PDOL)............................................................... 53 2CA.008.00 Card Risk management Data Object List 1 (CDOL1) ................................................... 54 2CA.009.00 Card Risk management Data Object List 2 (CDOL2) ................................................... 54 2CA.010.00 Transaction Data Object List (TDOL)........................................................................... 55 2CA.011.00 Dynamic Data Object List (DDOL) ............................................................................... 55 2CA.013.00 Processing DOLs: unknown tag .................................................................................... 56 2CA.014.00 Processing DOLs: constructed tag ................................................................................ 56 2CA.015.00 Processing DOLs: data absent from ICC ...................................................................... 57 2CA.016.00 Processing DOLs: shorter data object length, numeric format ..................................... 57 2CA.017.00 Processing DOLs: shorter data object length, other format.......................................... 58 2CA.018.00 Processing DOLs: longer data object length, numeric format ...................................... 59 2CA.019.00 Processing DOLs: longer data object length, compressed numeric format .................. 60 2CA.020.00 Processing DOLs: longer data object length, other format........................................... 61 2CA.021.00 Processing DOLs: data not applicable.......................................................................... 62 2CA.025.00 Normal Processing for EXTERNAL AUTHENTICATE ................................................. 63 2CA.026.00 Failed Processing for EXTERNAL AUTHENTICATE................................................... 64 2CA.027.00 Normal Processing for GENERATE AC ........................................................................ 65 2CA.028.00 Normal Processing for GET CHALLENGE................................................................... 65 2CA.029.00 Normal Processing for GET DATA ............................................................................... 66 2CA.029.05 Failed Processing for GET DATA (1)............................................................................ 67 2CA.029.06 Failed Processing for GET DATA (2)............................................................................ 68 2CA.030.00 Normal Processing for GET PROCESSING OPTIONS ................................................ 69
Page 4
Page 5
Page 6
Page 7
Page 8
ICC APPLICATION SPECIFICATION FOR PAYMENT SYSTEM, TEST CASE DESCRIPTION244 FILES FOR FINANCIAL TRANSACTION INTERCHANGE .................................................................................... 244 2CI.001.00 READ RECORD with the Short File Identifiers (SFI) ranged from 1 to 10 ................. 244 2CI.002.00 READ RECORD in linear files ..................................................................................... 245 2CI.003.00 READ RECORD in files containing multiple records .................................................. 245 2CI.004.00 READ RECORD with the record size in the range from 1 to 254 bytes ....................... 246 2CI.005.00 Record Data Format..................................................................................................... 246 2CI.007.00 Free access conditions for files accessible using the READ RECORD command ....... 247 2CI.008.00 READ RECORD in the Application File Locator......................................................... 247 2CI.009.00 Mandatory Data Objects: Application Expiration Date............................................... 248 2CI.010.00 Mandatory Data Objects: PAN .................................................................................... 248 2CI.011.00 Mandatory Data Objects: CDOL 1 .............................................................................. 249 2CI.012.00 Mandatory Data Objects: CDOL 2 .............................................................................. 249 2CI.013.00 Optional Data Objects: ................................................................................................ 250 2CI.014.00 Mandatory Data Objects for Offline Static Data Authentication ................................. 251 2CI.015.00 Mandatory Data Objects for Offline Dynamic Data Authentication............................ 252 2CI.017.00 GET DATA on PIN Try Counter................................................................................... 253 2CI.018.00 GET DATA on Last Online ATC Register .................................................................... 253 2CI.019.00 Both the LCOL and UCOL data objects exist in the ICC ............................................. 254 2CI.020.00 Either the LCOL or the UCOL data objects is not present in the ICC ......................... 255 2CI.021.00 Data retrievable by GET PROCESSING OPTIONS command .................................... 256 2CI.022.00 Functions specified in the AIP: Offline Static Data Authentication ............................. 257 2CI.023.00 Functions not specified in the AIP: Offline Static Data Authentication ....................... 258 2CI.024.00 Functions specified in the AIP: Offline Dynamic Data Authentication........................ 259 2CI.025.00 Functions not specified in the AIP: Offline Dynamic Data Authentication.................. 260 2CI.026.00 Functions specified in the AIP: Cardholder verification.............................................. 261 2CI.027.00 Functions not specified in the AIP: Cardholder verification........................................ 262 2CI.028.00 Functions specified in the AIP: Terminal Risk Management ....................................... 263 2CI.029.00 Functions not specified in the AIP: Terminal Risk Management ................................. 264 2CI.030.00 Functions specified in the AIP: Issuer Authentication ................................................. 265 2CI.031.00 Functions not specified in the AIP: Issuer Authentication ........................................... 266 2CI.032.00 Exception Handling ...................................................................................................... 267 2CI.033.00 Functions specified in the Application Interchange Profile: Enhanced Combined DDA / GENERATE AC268 2CI.034.00 Functions not specified in the Application Interchange Profile: Enhanced Combined DDA / GENERATE AC ........................................................................................................................... 269 FUNCTIONS USED IN TRANSACTION PROCESSING ......................................................................................... 270 2CJ.001.00 GET PROCESSING OPTIONS command execution.................................................... 270 2CJ.002.00 All bits in TSI and TVR are set to 0b ............................................................................ 270 2CJ.003.00 GET PROCESSING OPTIONS data field, when PDOL is provided in FCI ................ 271 2CJ.004.00 GET PROCESSING OPTIONS data field, when PDOL is not provided in FCI .......... 271 2CJ.005.00 Rules for Processing Tags listed in the PDOL (1)........................................................ 272 2CJ.006.00 Rules for Processing Tags listed in the PDOL (2)........................................................ 273 2CJ.007.00 Rules for Processing Tags listed in the PDOL (3)........................................................ 274 2CJ.008.00 GET PROCESSING OPTIONS transaction state management.................................... 275 2CJ.009.00 READ RECORD command execution .......................................................................... 275 2CJ.010.00 READ RECORD on each entry in the AFL .................................................................. 276 2CJ.011.00 Data objects processing................................................................................................ 276 2CJ.012.00 Data objects processing (Unrecognized Data Objects)................................................ 277 2CJ.012.01 Non recognized data object participating in offline data authentication ..................... 278 2CJ.013.00 Record Data Format: mandatory data: Application Expiration Date ......................... 279 2CJ.014.00 Record Data Format: mandatory data: PAN ............................................................... 279 2CJ.015.00 Record Data Format: mandatory data: CDOL1 .......................................................... 280
Page 9
Page 10
Page 11
Page 12
Page 13
Page 14
Page 15
ICC TERMINAL SPECIFICATION FOR PAYMENT SYSTEM, TEST CASE DESCRIPTION .. 507 GENERAL REQUIREMENTS ........................................................................................................................... 507 2CM.001.00 Merchant-controlled Terminal Provides Amount ...................................................... 507 2CM.002.00 Merchant-controlled Terminal Obtains Amount if Not Available............................... 508 2CM.003.00 Card Returns Error in Response to GET PROCESSING Command ......................... 508 2CM.004.00 Online Only Terminal Not Supporting Data Authentication Sets Bit......................... 509 2CM.006.00 Card and Terminal Application Version Numbers are different................................ 510 2CM.009.00 Terminal Recognition of CVM Codes ('No CVM required' supported)...................... 511 2CM.009.05 Terminal Recognition of CVM Codes ('No CVM required' not supported) ............... 512 2CM.010.00 Terminal Recognition of CVM Codes ('Fail CVM processing')................................ 513 2CM.011.00 Supported CVM.......................................................................................................... 513 2CM.012.00 PIN Try Counter......................................................................................................... 514 2CM.013.00 PIN Try Counter Not Retrievable by ICC .................................................................. 515 2CM.014.00 GET DATA Not Supported by ICC............................................................................. 516 2CM.015.00 Terminal Behaviour When PIN Try Counter Equals 0 .............................................. 517 2CM.016.00 Terminal Prompt for PIN Entry (PIN Try Counter >0) ............................................. 518 2CM.017.00 CVM is Set When Offline PIN is Successful ............................................................... 519 2CM.018.00 Offline PIN Not Successful......................................................................................... 520 2CM.019.00 Online PIN used for CVM .......................................................................................... 521 2CM.020.00 Online PIN When PIN Try Limit is Exceeded and Terminal Supports GET DATA for PIN Try Counter 522 2CM.020.01 Online PIN When PIN Try Limit is Exceeded and the Terminal does not support GET DATA for PIN Try Counter..................................................................................................................... 523 2CM.021.00 CVM Results Set for Online PIN ................................................................................ 524 2CM.022.00 TVR is Set When PIN Entry is bypassed at Attended Terminal.................................. 525 2CM.023.00 CVM unsuccessful When PIN Entry is bypassed at Attended Terminal..................... 526 2CM.024.00 CVM is Set to unknown When Signature is Used .................................................... 527 2CM.025.00 Terminal Prints Receipt With Line for Cardholder Signature ................................... 528 2CM.026.00 CVM is Set When no CVM is Required ...................................................................... 529 2CM.027.00 CVM is Set When CVM is Fail CVM Processing .................................................... 529 2CM.028.00 CVM Results Set With Method Code and Condition Code of Last CVM Performed . 530 2CM.029.00 CVM Results Set When Last CVM Not Considered Successful .................................. 531 2CM.030.00 CVM Results Set When No CVM Was Performed ...................................................... 532 2CM.031.00 Terminal Checks Presence of Application Selected ................................................... 533 2CM.032.00 TVR Set if Match is Found in Exception File............................................................. 534 2CM.033.00 Authorization Response Code Set When Terminal Accepts Transaction Offline ........ 535 2CM.034.00 Authorization Response Code Set When Terminal Declines Transaction Offline...... 535 2CM.035.00 Authorization Response Code Not Set When Terminal Opts To Transmit Transaction Online 536 2CM.036.00 Terminal Completes Transaction When Card Indicated Approval ............................ 536 2CM.037.00 Terminal Declines Transaction When Card Indicated Denial................................... 537
Page 16
Page 17
Page 18
Page 19
Scope
Integrated Circuit Card Specification for Payment System Version 4.0 is now divided in 4 books: Book 1: Application Independent ICC to Terminal Interface Requirements Book 2: Security and Key Management Book 3: Application Specification Book 4: Cardholder, Attendant, and Acquirer Interface Requirements
The Book 1 (Part II) and Book 2 define the complete flow of a transaction between an Integrated Circuit Card (ICC) and a terminal, from the selection of an application in the ICC to the completion of the transaction. Book 3 defines the format of ICC commands used during the transaction flow between the ICC and terminal. Also defined is the transaction flow and associated data for an application compliant with the EMV specifications. Finally Book 4 defines the characteristics of a Terminal that supports an ICC conforming to the two previous specifications mentioned. The 4 Books are divided in testable requirements listed in the 'EMVCo Terminal Level 2 Type Approval - Requirements'. The present document, 'EMVCo Terminal Level 2 Type Approval - Test Cases List', describes a set of test cases which when applied to the terminals, are designed to determine whether the terminal meets the requirements stated in EMV2000 Integrated Circuit Card Specification for Payment Systems Version 4.0 dated December 2000. Test cases are defined for unitary tests that are performed without presence of a valid EMV payment application and functional testing dependent of the presence of the EMV payment application. Terminal/host protocol (if present) is not tested since requirements for terminal communication with external components is not defined by EMV specifications. If any special conditions are required for a specific test case, these conditions are described in the test case. The intended audience for this document are EMVCo accredited laboratories, EMV application providers, acquiring members or merchants. Although acquiring members and merchants may reference this document, type approval testing oriented toward EMV application providers.
Page 20
Referenced Documents
[N1] EMV 2000 Integrated Circuit Card Specification for Version 4.0 - December Payment Systems - Book 1 - Application Independent 2000 ICC to Terminal Interface Requirements EMV 2000 Integrated Circuit Card Application Version 4.0 - December Specification for Payment Systems - Book 2 - 2000 Security and Key Management EMV 2000 Integrated Circuit Card Terminal Version 4.0 - December Specification for Payment Systems - Book 3 - 2000 Application Specification EMV 2000 Integrated Circuit Card Terminal Version 4.0 - December Specification for Payment Systems - Book 4 - 2000 Cardholder, Attendant, and Acquirer Interface Requirements
[N2]
[N3]
[N4]
Page 21
Licc
EMVCo Type Approval - Terminal Level 2 - Test Cases NIC P1 P2 P3 PI PIC R-APDU RST R-TPDU SCA SI SIC SW1 SW2 TPDU Length of the ICC Public Key Modulus Parameter 1 Parameter 2 Parameter 3 Issuer Public Key ICC Public Key Response APDU Reset Response TPDU Certification Authority Private Key Issuer Private Key ICC Private Key Status Word One Status Word Two Transport Protocol Data Unit
Page 23
Global Glossary
Accelerated Revocation- A key revocation performed date sooner than the published key expiry date. Accreditation - Formal recognition by EMVCo that an auditor or testing laboratory is competent to carry out specific functions defined in EMVCo type approval procedures. Acquirer - A financial institution that supports merchants by providing services for processing payment card transactions. Acquirer System - A logical entity that provides electronic commerce services to the merchants in support of the acquirer and interfaces to the acquirer to support the authorization and capture of electronic commerce transactions. Answer to Reset (ATR) - A string of bytes sent by the integrated circuit card (ICC) in response to the reset by the terminal. These bytes convey information to the terminal that define certain characteristics of the communication to be established between the ICC and the terminal. Application - The application protocol between the card and the terminal and its related set of data. Application Protocol Data Unit (APDU) - A message sent from the interface device (IFD) to the card or conversely. It may contain either a command message or a response message. Asymmetric Cryptographic Technique - A cryptographic technique that uses two related transformations, a public transformation (defined by the public key) and a private transformation (defined by the private key). The two transformations have the property that, given the public transformation, it is computationally infeasible to derive the private transformation. Auditor - Independent impartial entity that verifies test laboratory conformance to EMVCo defined type approval procedures. Authentication- The provision of assurance of the claimed identity of an entity [ISO/IEC 10181-2: 1996]. Authorization- The process by which a properly appointed person or persons grants permission to perform some action on behalf of an organization. This process assesses transaction risk, confirms that a given transaction does not raise the account holder's debt above the account's credit limit, and reserves the specified amount of credit. (When a merchant obtains authorization, payment for the authorized amount is guaranteed - provided that the merchant followed the rules associated with the authorization process.)
Page 24
EMVCo Type Approval - Terminal Level 2 - Test Cases Authorization Reversal - A transaction sent when a previous authorization needs to be canceled (a full reversal) or decreased (a partial reversal). A full reversal will be used when the transaction can not be completed, such as when the cardholder cancels the order or the merchant discovers that the goods are no longer available, as when discontinued. A partial reversal will be used when the authorization was for the entire order and some of the goods cannot be shipped, resulting in a split shipment. Block - A succession of characters comprising two or three fields defined as prologue field, information field, and epilogue field. Byte - 8 bits. Card - A payment card as defined by a payment system. Cardholder - An authorized holder of a payment card supported by an issuer. Cardholder System - The combination of hardware and software required to interact with the cardholder, his or her IC Card, and a SET Merchant Server in order to participate in EMV chip electronic commerce. Certificate: The public key and identity of an entity together with some other information, rendered unforgeable by signing with the secret key of the certification authority which issued that certificate. Certificate Revocation: The process of revoking an otherwise valid certificate by the entity that issued that certificate. Certification Authority: A centre trusted to create and assign public key certificates which provide evidence linking a public key and other relevant information to its owner. Certification Authority - Trusted third party that establishes a proof that links a public key and other relevant information to its owner. Ciphertext - Enciphered information. Cold Reset - The reset of the ICC that occurs when the supply voltage (VCC) and other signals to the ICC are raised from the inactive state and the reset (RST) signal is applied. Command - A message sent by the terminal to the ICC that initiates an action and solicits a response from the ICC. Compromise: The breaching of secrecy or security. Concatenation - Two elements are concatenated by appending the bytes from the second element to the end of the first. Bytes from each element are represented in the resulting string in the same sequence in which they were presented to the terminal by the ICC, that is, most significant byte first. Within each byte bits are ordered from most significant bit to least significant. A list of elements or objects may be concatenated by concatenating the first pair to form a new element, using that as the first element to concatenate with the next in the list, and so on. Copyright 2002 EMVCo, LLC. All rights reserved Page 25
EMVCo Type Approval - Terminal Level 2 - Test Cases Conformance - Meeting all the requirements (and also any optional requirements) that the interface module (IFM) provider instituted of that specification. Contact - A conducting element ensuring galvanic continuity between integrated circuit(s) and external interfacing equipment. Contact Interface - The area where a contact if the interface device (IFD) physically touches a contact on the integrated circuit card (ICC) allowing an electrical current to flow between the contacts. Cryptogram - Result of a cryptographic operation. Cryptography- The practice of digitally "scrambling" a message using a secret key or keys. These keys are used to unscramble or decrypt the message. Cryptoperiod: Defined period of time during which a specific cryptographic key is authorized for use, or during which time the cryptographic keys for a given system may remain in effect. (ISO 8908) Cryptographic Algorithm - An algorithm that transforms data in order to hide or reveal its information content. Data Integrity - The property that data has not been altered or destroyed in an unauthorised manner Data Key (KD): Cryptographic key used for the encipherment, decipherment or authentication of data. (ISO 8908) Decipherment: Process of transforming cipher text into plain text - the reversal of a corresponding encipherment. Declaration of conformity - Written statement by an interface module (IFM) provider claiming that their production of a specific IFM type is in conformance with all related specifications, as defined by EMVCo. Digital Envelope - A cryptographic technique to encrypt data and send the encryption key along with the data. Generally, a symmetric algorithm is used to encrypt the data and an asymmetric algorithm is used to encrypt the encryption key. Digital Signature - An asymmetric cryptographic transformation of data that allows the recipient of the data to prove the origin and integrity of the data, and protect the sender and the recipient of the data against forgery by third parties, and the sender against forgery by the recipient. Electronic Commerce - The exchange of goods and services for payment between the cardholder and merchant when some or all of the transaction is performed via electronic communication. Copyright 2002 EMVCo, LLC. All rights reserved Page 26
EMVCo Type Approval - Terminal Level 2 - Test Cases Electronic Commerce Access Device - The combination of hardware and software required to interact with the cardholder, the ICC, and an electronic commerce system in order to conduct EMV-based electronic commerce purchases. Embossing - Characters raised in relief from the front surface of a card. EMVCo - Legal structure created by Europay International S.A., MasterCard International Incorporated, and Visa International Service Association for including, but not limited to, smart card interoperability specifications and associated type approval procedures. EMVCo test authority - The entity responsible for the type approval process. Encipherment - The reversible transformation of data by a cryptographic algorithm to produce ciphertext. Epilogue Field - The final field of a block. It contains the error detection code (EDC) byte(s). Expiry Date: Date after which a financial instrument or agreement ceases to be valid. External operating conditions (EOC) - In addition to the implementation conformance statement (ICS), this document describes the setup and handling of the system under test (SUT) before and during the type approval tests, and describes the environmental conditions and maximum rating the interface module (IFM) is designed for. The IFM provider in cooperation with the testing laboratory defines this document. Financial Transaction - The act between a cardholder and a merchant or acquirer that results in the exchange of goods or services against payment. Function - A process accomplished by one or more commands and resultant actions that are used to perform all or part of a transaction. Guardtime - The minimum time between the trailing edge of the parity bit of a character and the leading edge of the start bit of the following character sent in the same direction. Hash Function - A function that maps strings of bits to fixed-length strings of bits, satisfying the following two properties: It is computationally infeasible to find for a given output an input which maps to this output. It is computationally infeasible to find for a given input a second input that maps to the same output. Additionally, if the hash function is required to be collision-resistant, it must also satisfy the following property: It is computationally infeasible to find any two distinct inputs that map to the same output. Copyright 2002 EMVCo, LLC. All rights reserved Page 27
EMVCo Type Approval - Terminal Level 2 - Test Cases Hash Result - The string of bits that is the output of a hash function. Implementation conformance statement (ICS) - A form completed by the interface module (IFM) provider. The written statement lists all optional functions as specified in the reference specification implemented in the interface module (IFM). It includes the identification description and external operating conditions (EOC) of the IFM. Implementation under test (IUT) - A virtual or abstract device, implementing the EMV specification, to be submitted for testing (a view of the interface module (IFM) is attached to the design). Inactive - The supply voltage (VCC) and other signals to the ICC are in the inactive state when they are at a potential of 0.4 V or less with respect to ground (GND). Installation guideline - Set of guidelines, delivered by the interface module (IFM) provider with every IFM, describing under what conditions a terminal or an IFM can be installed. Integrated Circuit(s) - Electronic component(s) designed to perform processing and/or memory functions. Integrated Circuit(s) Card - A card into which one or more integrated circuits are inserted to perform processing and memory functions. Integrated Circuit Module - The sub-assembly embedded into the ICC comprising the IC, the IC carrier, bonding wires, and contacts. Interface Device - That part of a terminal into which the ICC is inserted, including such mechanical and electrical devices that may be considered part of it. Interface Module - A virtual or abstract device attached to a type production configuration implemented as a physical device included in a terminal. Interoperability - The ability of the software and hardware from different interface module (IFM) providers to work together. Issuer - A financial institution that supports issuing payment card products to individuals. Key - A sequence of symbols that controls the operation of a cryptographic transformation. Key Activation: The process of beginning to use a key at the Certification Authority for the production of public key certificates. Key Expiry Date: The date after which a signature made with a particular key is no longer valid. Issuer certificates signed by the key must expire on or before this date. Keys may be removed from terminals after this date has passed. Copyright 2002 EMVCo, LLC. All rights reserved Page 28
EMVCo Type Approval - Terminal Level 2 - Test Cases Key Installation Deadline: The date by which all terminals must be able to verify issuer certificates based on this key, and the earliest date that cards may be issued that contain issuer certificates based on this key. Key Introduction: The process of generating, distributing, and beginning use of a key pair. Key Life Cycle: All phases of key management, from planning and generation, through revocation, destruction, and archiving. Key Replacement: The simultaneous revocation of a key and introduction of a key to replaced the revoked one. Key Revocation: The key management process of withdrawing a key from service and dealing with the legacy of its use. Key revocation can be as-scheduled or accelerated. Key Revocation Date: The date after which no legitimate cards still in use should contain certificates signed by this key, and therefore the date after which this key can be deleted from terminals. For a planned revocation the Key Revocation Date is the same as the key expiry date. Key Withdrawal: The process of removing a key from service as part of its revocation. Laboratory - A facility that performs type approval testing. Letter of accreditation - Written statement that confirms a testing laboratory is performing type approval tests in conformance to the common rules, as defined by EMVCo. Letter of approval - Written statement that documents the decision of the EMVCo Test Authority that a specified product type has demonstrated sufficient conformance to the EMV specification. Level 1 Test - The execution of a defined set of electrical, mechanical, and communication protocol tests versus requirements described in Part 1 of the EMV Integrated Circuit Card Specification for Payment Systems. Logical Compromise: The compromise of a key through application of improved cryptanalytic techniques, increases in computing power, or combination of the two. Lower tester - The integrated circuit card (ICC) simulator going to allow the implementation under test (IUT) to react on normal and error conditions. Magnetic Stripe - The stripe containing magnetically encoded information. Maintenance guideline - Set of guidelines, delivered by the interface module (IFM) provider with every IFM, describing under what conditions a terminal or an IFM can be maintained. Major modification - Technical change of an interface module (IFM) or its functionality that implies that the IFM provider can no longer guarantee conformance of the modified Copyright 2002 EMVCo, LLC. All rights reserved Page 29
EMVCo Type Approval - Terminal Level 2 - Test Cases IFM with the requirements of Part 1 of the EMV Integrated Circuit Card Specification for Payment Systems. Merchant - A seller of goods, services, and/or information who accepts payment for them electronically, and may provide selling services and/or electronic delivery of items for sale (e.g., information). Merchant Server - A system that interacts with the Cardholder System for electronic payments. The Merchant Server also interacts with the Acquirer using the payment protocol to receive authorization and capture services for electronic payment transactions. Merchant System - A system that interfaces with the cardholder (or ECAD) to offer goods and services in return for electronic payment and interfaces with the acquirer system to process electronic commerce transactions. Message - A string of bytes sent by the terminal to the card or vice versa, excluding transmission-control characters. Message Authentication Code - A symmetric cryptographic transformation of data that protects the sender and the recipient of the data against forgery by third parties. Migration Key- A key introduced into the system for future use. Minor modification - Technical change of an interface module (IFM) or its functionality that does not impact the functionality of that IFM with respect to the requirements of Part 1 of the Integrated Circuit Card Specification for Payment Systems and the implementation conformance statement (ICS). Network - A collection of communication and information processing systems that may be shared among several users. Nibble - The four most significant or least significant bits of a byte. Padding - Appending extra bits to either side of a data string. Path - Concatenation of file identifiers without delimitation. Payment System - For the purposes of this specification, Europay International S.A., MasterCard International Incorporated, or Visa International Service Association. Payment Systems Environment - The set of logical conditions established within the ICC when a payment system application conforming to this specification has been selected, or when a directory definition file (DDF) used for payment system application purposes has been selected. Physical Compromise: The compromise of a key resulting from the fact that it has not been securely guarded, or a hardware security module has been stole or accessed by unauthorised persons. Copyright 2002 EMVCo, LLC. All rights reserved Page 30
EMVCo Type Approval - Terminal Level 2 - Test Cases Plaintext - Unenciphered information. Planned Revocation: A key revocation performed as scheduled by the published key expiry date. Potential Compromise: A condition where cryptanalytic techniques and/or computing power has advanced to the point that compromise of a key of a certain length is feasible or even likely. Primary Account Number (PAN) - The assigned number that identifies the card issuer and cardholder. This account number is composed of an issuer identification number, an individual account number identification, and an accompanying check digit, as defined by ISO 7812-1985. Private Key - That key of an entitys asymmetric key pair that should only be used by that entity. In the case of a digital signature scheme, the private key defines the signature function. Proficiency - Ability of a testing laboratory to perform the specified tests in an exact and reproducible fashion and to provide an accurate test report. Prologue Field - The first field of a block. It contains subfields for node address (AD), protocol control byte (PCB), and length (LEN). Protocol - Method of communication between the integrated circuit card (ICC) and the terminal, represented in this specification by T=0 (character protocol) and T=1 (block protocol). Prototype - Implementation of a design for evaluation purposes but not for type approval. Public Key - That key of an entitys asymmetric key pair that can be made public. In the case of a digital signature scheme, the public key defines the verification function. Public Key Certificate - The public key information of an entity signed by the certification authority and thereby rendered unforgeable. Quality assurance - For purpose of this specification, all activities targeted at maximizing the level of confidence that the quality of a product is constant and demonstrated throughout volume production. Quality system - An organization implementing quality procedures describing the operations performed by its people in order to achieve its activity with the correct level of quality. Redundancy - Any information that is known and can be checked. Reference specification - A set of documents defining the requirements to which the interface module (IFM) shall comply. The reference specification consists of the current EMV Integrated Circuit Card Specification for Payment Systems and any additional documentation required to proceed with type approval. Copyright 2002 EMVCo, LLC. All rights reserved Page 31
EMVCo Type Approval - Terminal Level 2 - Test Cases Registration Authority An independent third-party organization that process payment card applications for multiple payment card brands and forwards applications to the appropriate financial institutions. Response - A message returned by the ICC to the terminal after the processing of a command message received by the ICC. RSA Failure: An advance in mathematics, cryptanalysis or technology that renders RSA key technology ineffective, regardless of key or key size. Sample - Terminal, including the implementation under test (IUT), picked out of production for testing. Secret Key - A key used with symmetric cryptographic techniques and usable only by a set of specified entities. Script - A command or a string of commands transmitted by the issuer to the terminal for the purpose of being sent serially to the ICC as commands. Secure Socket Layer (SSL) - a standard (developed by Netscape Communications Company) that encrypts data between a Web browser and a Web server. SSL does not specify what data is sent or encrypted. In an SSL session, all data sent is encrypted. Service provider - The entity that provides a product or a service to customers, using terminals and a payment system. Signal Amplitude - The difference between the high and low voltages of a signal. Signal Perturbations - Abnormalities occurring on a signal during normal operation such as undershoot/overshoot, electrical noise, ripple, spikes, crosstalk, etc. Random perturbations introduced from external sources are beyond the scope of the specification. State H - Voltage high on a signal line. May indicate a logic one or logic zero depending on the logic convention used with the ICC. State L - Voltage low on a signal line. May indicate a logic one or logic zero depending on the logic convention used with the ICC. Statement of readiness - Part of the implementation conformance statement (ICS); it is a declaration by the interface module (IFM) provider that the IFM type conforms to the EMV specifications. Statement of specification acceptance- Written statement from the interface module (IFM) provider that states the IFM provider accepts all related specifications as defined by EMVCo.
Page 32
EMVCo Type Approval - Terminal Level 2 - Test Cases Suspected Compromise: A condition where information from system monitoring indicates malfunction which could be caused by key compromise, but which has not been confirmed as such. Symmetric Cryptographic Technique - A cryptographic technique that uses the same secret key for both the originators and recipients transformation. Without knowledge of the secret key, it is computationally infeasible to compute either the originators or the recipients transformation. System integrator - The entity that integrates interface modules (IFMs) and devices containing IFMs into a system for use by a service provider. System under test (SUT) - System, module, part, or component actually tested or to be tested (either a part of the terminal or the entire terminal) including the implementation under test (IUT). T=0 - Character-oriented asynchronous half-duplex transmission protocol. T=1 - Block-oriented asynchronous half-duplex transmission protocol. Template - Value field of a constructed data object, defined to give a logical grouping of data objects. Terminal - The device used in conjunction with the ICC at the point of transaction to perform a financial transaction. It incorporates the interface device and may also include other components and interfaces such as host communications. Terminal application layer (TAL) - The part of the terminal that initiates a command. It sends an instruction via the terminal transport layer (TTL) to the integrated circuit card (ICC) in the form of a five-byte header called the command header. Test - Any activity that aims at verifying the conformance of a selected product or process to a given requirement under a given set of conditions. Test bench - A defined combination of a set of test methods and test equipment for the purpose of type approval tests. Type Approval - Acknowledgment by EMVCo that the specified product has demonstrated sufficient conformance to the EMVCo ICC specifications for its stated purpose. Type Approval documentation - Full set of documents and procedures issued by EMVCo to perform the type approval process. Type Approval process - The processes followed to test a product type for compliance with a certain specification. Type Approval test - The execution of a defined set of tests against requirements described in a specification to determine compliance with that specification. Type approval test report - The result of type approval testing on a product. Copyright 2002 EMVCo, LLC. All rights reserved Page 33
EMVCo Type Approval - Terminal Level 2 - Test Cases Upper tester - The internal (or back external) application of the interface module (IFM) that emulates a real application in order to test the implementation under test (IUT) under all possible conditions. Warm Reset - The reset that occurs when the reset (RST) signal is applied to the ICC while the clock (CLK) and supply voltage (VCC) lines are maintained in their active state.
Page 34
Command Syntax
The intent of the test cases in this Section is to verify that the commands are in accordance with EMV 2000 Integrated Circuit Card Specifications for Payment Systems - Part I - Book 3 Application Specification. While the application will be utilized to perform command syntax checking, functionality testing will not be specifically checked, but will be tested in other sections as specified.
Page 35
Reference: 2RA.039.0 - Book 3 Section 2.5.5.2 - Syntax of GENERATE AC Command 2RA.039.5 - Book 3 Section 2.5.5.3 - Syntax of GENERATE AC Command Data Field 2RA.045.0 - Book 3 Section 2.5.8.2 - Syntax of GET PROCESSING OPTIONS Command 2RA.058.5 - Book 3 Section 2.5.11.3 & Book 1 Section 7.2.3 - Syntax of READ RECORD command Data Field 2RA.060.0 - Book 1Section 7.3.2 - Syntax of SELECT Select command 2RA.061.0 - Book 1Section 7.3.2 - Syntax of SELECT Select command: P2 parameter Conditions: ICC contains AIP value 00 00 Card does not support additional functionality
ICC contains the following mandatory Data Objects (Application Expiration Date, Application PAN, CDOL1, and CDOL2)
Pass Criteria:
Page 36
Page 37
Reference: 2RA.061.0 - Book 1Section 7.3.2 - Syntax of SELECT Select command: P2 parameter Conditions:
ICC contains DF name longer than the terminal stored AID ICC contains AIP value 00 00 Card does not support additional functionality ICC contains the following mandatory Data Objects (Application Expiration Date, Application PAN, CDOL1, and CDOL2) All TAC (Denial/online/default) in terminal are setup to '00 00 00 00 00'
Procedure:
For Generate AC Command P1=40 The terminal will perform the following functions as a part of the basic EMV transaction: Application Selection Initiate Application Processing Read Application Data Terminal Action Analysis
Page 38
Page 39
2.5.9.2
Syntax Syntax
of of
INTERNAL INTERNAL
ICC contains AIP value 20 00 Offline DDA is supported ICC contains the following mandatory Data Objects (Application Expiration Date, Application PAN, CDOL1, and CDOL2) ICC contains required Data Objects to support DDA All TAC (Denial/online/default) in terminal are setup to '00 00 00 00 00'
Procedure:
All IAC (Denial/online/default) in LT are set up to '00 00 00 00 00' For Generate AC Command P1=40 The terminal will perform the following functions as a part of the basic EMV transaction: Application Selection Initiate Application Processing Read Application Data Data Authentication Terminal Action Analysis Completion. Terminal shall process the card to transaction completion Terminal shall be consistent with the command formats. Terminal shall issue all mandatory commands as specified below. Terminal shall issue Internal Authenticate command after Read st Application Data but prior to 1 Gen AC command Each command shall contain the correct syntax and be issued at the appropriate time. (Follow command flow and syntax below)
Select: Mandatory Command 00 A4 04 00 Lc Command Data Le Lc = 05 10 (Length of Command Data) Command Data = File Name Le = (Not Present T=0) Get Processing Options: Mandatory Command 80 A8 00 00 Lc Command Data Le Lc = variable (Length of Command Data) Command Data = (Processing Options Data Object List - PDOL) Le = (Not Present T=0)
Pass Criteria:
Page 40
00 88 00 00 Lc Command Data Le Lc = (Length of Command Data) Command Data = Length of authentication-related data Le = 00 (Not Present for T=0) Generate AC: Mandatory Command 80 AE P1 00 Lc Command Data Le P1 = Reference Control Parameter (00 AAC, 40 TC, 80 ARQC) Le = 00 (Not Present T=0)
Page 41
Reference: 2RA.066.0 - Book 3 Section 2.5.12.2 - Syntax of VERIFY command 2RA.067.0 - Book 3 Section 2.5.12.2 - Syntax of VERIFY command: P2 parameter Conditions:
ICC contains AIP value 10 00 Cardholder verification is supported ICC contains the following mandatory Data Objects (Application Expiration Date, Application PAN, CDOL1, and CDOL2) ICC contains CVM list, tag 8E contains CVR 0100 i.e. plain text PIN verified by ICC always. Terminal supports plain text PIN All TAC (Denial/online/default) in terminal are setup to '00 00 00 00 00'
Procedure:
For Generate AC Command P1=40 The terminal will perform the following functions as a part of the basic EMV transaction: Application Selection Initiate Application Processing Read Application Data Cardholder Verification Terminal Action Analysis Terminal shall process the card to transaction completion. Terminal shall be consistent with the command formats. Terminal shall issue all mandatory commands as specified below. If terminal supports Get Data for PIN try counter, it shall be issued prior to the Verify Command. Terminal shall issue Verify Command after Read Application Data but prior st to 1 GEN AC. Each command shall contain the correct syntax and be issued at the appropriate time. (Follow command flow and syntax below)
Select: Mandatory Command 00 A4 04 00 Lc Command Data Le Lc = 05 10 (Length of Command Data) Command Data = File Name Le = (Not Present T=0)
Page 42
Page 43
Reference: 2RA.072.0 - Book 3 Section 2.5.6.2 - Syntax of GET CHALLENGE command 2RA.072.5 - Book 3 Section 2.5.6.3 - Syntax of GET CHALLENGE command Data Field 2RA.067.0 - Book 3 Section 2.5.12.2 - Syntax of VERIFY command: P2 parameter Conditions:
ICC contains AIP value 10 00 Cardholder verification is supported ICC contains the following mandatory Data Objects (Application Expiration Date, Application PAN, CDOL1, and CDOL2) CVM list tag 8E contains CVR 0400 i.e. Enciphered PIN verified by ICC always. ICC contains all mandatory data objects to support Enciphered PIN Terminal supports Enciphered PIN All TAC (Denial/online/default) in terminal are setup to '00 00 00 00 00'
Procedure:
All IAC (Denial/online/default) in LT are set up to '00 00 00 00 00' For Generate AC Command P1=40 The terminal will perform the following functions as a part of the basic EMV transaction: Application Selection Initiate Application Processing Read Application Data Cardholder Verification Terminal Action Analysis Completion. Terminal shall process the card to transaction completion Terminal shall be consistent with the command formats. Terminal shall issue all mandatory commands as specified below. If the Terminal supports Get Data for PIN Try Counter, it will be issued prior to the Verify command. Terminal shall issue Get Challenge command after Read Application Data but prior to Verify command Each command shall contain the correct syntax and be issued at the
Pass Criteria:
Page 44
Page 45
Reference: 2RA.043.0 - Book 3 Section 2.5.7.2 - Syntax of GET DATA command 2RA.043.5 - Book 3 Section 2.5.7.2 - Syntax of GET DATA command Data Field Conditions:
ICC contains AIP value 08 00 Terminal Risk Management to be performed ICC contains the following mandatory Data Objects (Application Expiration Date, Application PAN, CDOL1, and CDOL2) ICC contains Upper and Lower Consecutive Off-line Limits All TAC (Denial/online/default) in terminal are setup to '00 00 00 00 00'
Procedure:
For Generate AC Command P1=40 The terminal will perform the following functions as a part of the basic EMV transaction: Application Selection Initiate Application Processing Read Application Data Terminal Risk Management Terminal Action Analysis Completion. Terminal shall process the card to completion for all the EMV transactions. Terminal shall be consistent with the command formats. Terminal shall issue all mandatory commands as specified below. Terminal shall issue Get Data Commands for Application Transaction Counter and Last On-line Application Transaction Counter after Read st Application Data but prior to 1 GEN AC. Each command shall contain the correct syntax and be issued at the appropriate time. (Follow command flow and syntax below)
Select: Mandatory Command 00 A4 04 00 Lc Command Data Le Lc = 05 10 (Length of Command Data) Command Data = File Name Le = (Not Present T=0) Get Processing Options: Mandatory Command 80 A8 00 00 Lc Command Data Le Lc = variable (Length of Command Data) Command Data = (Processing Options Data Object List - PDOL)
Pass Criteria:
Page 46
Page 47
2.5.4.2
Syntax Syntax
of of
EXTERNAL EXTERNAL
ICC contains AIP value 04 00 Issuer authentication is supported ICC contains the following mandatory Data Objects (Application Expiration Date, Application PAN, CDOL1, and CDOL2) Terminal online capability 1 GEN AC ARQC Issuer authentication data- returned in response to host All TAC (Denial/online/default) in terminal are setup to '00 00 00 00 00'
st
Procedure:
For Generate AC Command P1=40 The terminal will perform the following functions as a part of the basic EMV transaction: Application Selection Initiate Application Processing Read Application Data Terminal Action Analysis Online Processing Issuer Authentication Completion. Terminal shall process the card to completion for all the EMV transactions. Terminal shall be consistent with the command formats. Terminal shall issue all mandatory commands as specified below. Terminal shall issue External Authenticate command after the First Generate AC command, but prior to the Second Generate AC command. Each command shall contain the correct syntax and be issued at the appropriate time. (Follow command flow and syntax below)
Select: Mandatory Command 00 A4 04 00 Lc Command Data Le Lc = 05 10 (Length of Command Data) Command Data = File Name Le = (Not Present T=0)
Pass Criteria:
Page 48
Page 49
Procedure: Application in LT is selected and transaction is performed with LT Pass Criteria: The terminal shall complete and approve the transaction The data in the terminal buffer when sent in the batch data capture shall be in accordance with values sent back by the LT
Page 50
2CA.001.00
Test No. 2CA.001.00
Objective: To ensure that the terminal complies with the Data Object coding and allocation scheme as described in ISO/IEC 7816-6 and Book 3 Annex B. Reference: 2RA.001.0 - Book 3 Section 1.2 & Book 3 Annex B - Coding and Allocation of Tags Conditions: LT is such as all types of Data Objects are exchanged during the transaction: All templates, Data Objects with tag on 1,2, bytes, Data Objects with length on 1, 0r 2, or 3 bytes, Constructed Data Objects Primitive Data Objects All Data Objects received from Terminal shall be in accordance with ISO/IEC 7816-6 coding Procedure: Application in LT is selected and transaction is performed with LT Pass Criteria: Data Object received by the Terminal shall be interpreted correctly
Page 51
2CA.001.04
Test No. 2CA.001.04
Objective: To ensure that the terminal is capable of correctly interpreting TLV data objects with a length field coded 00 as defined in ISO/IEC 7816. A data element with length 00 is treated as not present. Reference: 2RA.001.4 - Book 3 Section 1.2 Coding of Length in TLV Conditions: The LT send a data object with a length field coded '00'
Procedure: Application in LT is selected and transaction is performed with LT Pass Criteria: The terminal shall treat this data as not present and complete transaction
Page 52
Page 53
Page 54
Page 55
Page 56
Page 57
Page 58
Page 59
2CA.019.00 Processing DOLs: longer data object length, compressed numeric format
Test No. 2CA.019.00 Objective: To verify that whenever the length specified in the DOL entry is greater than the length of the actual data object, the actual data is padded with trailing hexadecimal FFs if the data has a compressed numeric format. Reference: 2RA.011.1 - Book 3 Section 1.4 - Processing DOLs: longer data object length, compressed numeric format Conditions: The LT has previously sent the DOL to the terminal. The DOL contains a data object which has compressed numeric format and a length longer than actual Data Object Length Procedure: Application in LT is selected and transaction is performed with LT (in particular the DOL processing). Pass Criteria: The LT shall receive the DOL with portion of the DOL field representing the Data Object correctly padded with trailing hexadecimal FFs (portion has the same length as the Data Object in DOL).
Page 60
Page 61
Page 62
Page 63
Page 64
Page 65
Page 66
Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion TVR byte 1, bit 6 =1 i.e. ICC data missing TVR byte 4, bit 7 =1 i.e. Lower consecutive offline limit exceeded TVR byte 4, bit 6= 1 i.e. Upper consecutive offline limit exceeded
Page 67
Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion The terminal performs PIN processing
Page 68
Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion.
Procedure: The first application in the candidate list in selected, then removed and the terminal initiate the selection of the second mutually supported application. Pass Criteria: In response to the status words 6985, the terminal shall terminate processing the current application and return to the application selection function to select another application
Page 69
Procedure: Application in LT is selected and transaction is processed with LT (in particular Dynamic Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 4 = 0 ie Offline Dynamic Data Authentication not failed TSI byte 1, bit 8=1 ie Offline data authentication was performed
Procedure: Application in LT is selected and transaction is processed with LT (in particular the Read Application Data phase). Pass Criteria: The terminal shall process the transaction until completion.
Page 70
Procedure: The first application in the candidate list in selected, then removed and the terminal initiate the selection of the second mutually supported application. Pass Criteria: In response to the status words 6A83, the terminal shall terminate PSE processing and return to the application selection function using the list of AID
Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion.
Page 71
Pass Criteria: The terminal shall process the transaction until completion. TVR byte 3, bit 6 = 0 ie PIN Try limit not exceeded TVR byte 3, bit 5 = 0 ie PIN Entry required and PIN pad present TVR byte 3, bit 4 = 0 ie PIN entered TSI byte 1, bit 7=1 ie Cardholder verification was performed
Page 72
Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal understands there is no more PIN try left and stops sending verify commands. TVR byte 3, bit 6=1 ie PIN Try Limited exceeded TSI byte 1, bit 7=1 ie Cardholder verification was performed
Page 73
Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion. TVR byte 3, bit 6 = 1 ie PIN Try limit exceeded
Page 74
Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion. TVR byte 3, bit 6 = 1 ie PIN Try limit exceeded
Page 75
Conditions: Terminal supports Enciphered offline PIN verification LT returns status different from 90 00 in response to GET CHALLENGE CVM is 'Enciphered offline PIN verification, always' Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall terminate processing of transaction
Page 76
LT returns several status values different from 90 00 and 69 85 in response to GET PROCESSING OPTIONS.
Procedure: Application in LT is selected and transaction is started with LT. Pass Criteria: The terminal shall terminate processing of transaction.
Procedure: Application in LT is selected and transaction is processed with LT up to the Read Application Data phase. Pass Criteria: The terminal shall terminate processing of transaction.
Page 77
Page 78
Page 79
Page 80
Page 81
Page 82
Page 83
Page 84
Procedure: Application in LT is selected and transaction is performed with LT until completion Pass Criteria: The terminal shall ask for a referral
Page 85
Page 86
Page 87
Page 88
Page 89
2CA.072.00 Syntax of GET DATA returned Data Field (PIN try limit)
Test No. 2CA.072.00 Objective: To ensure that the terminal is able to recognize the GET DATA returned Data field when PIN try limit is requested Reference: 2RA.044.2 - Book 3 Section 2.5.7.1 - Syntax of GET DATA returned Data Field (PIN try counter) Conditions: LT supports Cardholder Verification (AIP byte 1 bit 5 = 1)
Terminal support GET DATA for PTC CVM List is 'Plaintext PIN verification by ICC' (byte 9 bits 6-1 = 000001) or 'Enciphered PIN verification by ICC' (byte 9 bits 6-1 = 000100) or 'Plaintext PIN verification by ICC and signature' (byte 9 bits 6-1 = 000011) or 'Enciphered PIN verification by ICC and signature' (byte 9 bits 6-1 = 000101) PIN try counter = 0 LT returns status 90 00 in response to GET DATA as well as a valid response (PIN try Counter) CDOL1 Requests TVR and TSI Procedure: Application in LT is selected and transaction is performed with LT Pass Criteria: The terminal shall accept the card and process the transaction until the end. TVR byte 3, bit 6 = 1 ie PIN Try limit exceeded TSI Byte 1, bit 7=1 ie, Cardholder verification was performed
Page 90
Page 91
2CA.076.00 Syntax of GET PROCESSING OPTIONS Data Field: PDOL empty (implied)
Test No. 2CA.076.00 Objective: To ensure that the terminal issues a GET PROCESSING OPTIONS command without a Processing Options Data Object List (PDOL) when the PDOL data object is present in the FCI of the selected ADF but is empty Reference: 2RA.047.1 - Book 3 Section 2.5.8.3 - Syntax of GET PROCESSING OPTIONS Data Field: PDOL empty (implied) Conditions: PDOL is returned in the FCI of the selected ADF and is empty Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The LT shall receive a GET PROCESSING OPTIONS data field (associated to the GET PROCESSING OPTIONS command field) with the correct syntax: data object with length = 0 and Tag 83
Page 92
Procedure: Application in LT is selected and transaction is performed with LT Pass Criteria: The terminal shall accept the card and process the transaction until the end. Value of AIP in GENERATE AC command shall be in accordance with the value sent back by the LT.
Page 93
Procedure: Application in LT is selected and transaction is performed with LT Pass Criteria: The terminal shall accept the card and process the transaction until the end. Value of AIP in GENERATE AC command shall be in accordance with the value sent back by the LT. LT shall receive READ RECORD commands in accordance to AFL
Page 94
Page 95
Page 96
Page 97
Procedure: Application in LT is selected and transaction is performed with LT Pass Criteria: The terminal shall accept the card and process the transaction until the end. Values of PAN And Application Expiration date shall be in accordance of the value returned by the LT.
Page 98
Page 99
Page 100
Page 101
2CA.096.00 Syntax of SELECT DDF returned Data Field: optional data (implied)
Test No. 2CA.096.00 Objective: To ensure that if the terminal supports selection with PSE, it accepts the absence of optional data objects in the SELECT DDF returned Data field. Reference: 2RA.063.3 - Book 1 Section 7.3.4 - Syntax of SELECT DDF returned Data Field: optional data (implied) Conditions: FCI of DDF contains mandatory but no optional data fields Terminal supports selection with PSE Procedure: Application in LT is selected and transaction is performed with LT Pass Criteria: The terminal shall accept the card and process the transaction until the end. LT shall received a READ RECORD command with SFI coded according to SFI returned in FCI of DDF
Page 102
Page 103
2CA.103.00 Syntax of VERIFY Data Field for option plaintext offline PIN
Test No. 2CA.103.00 Objective: To ensure that the terminal issues a VERIFY command with a Plain Text Offline PIN Block in the data field when option is Plaintext PIN Reference: 2RA.068.0 - Book 3 Section 2.5.12.2 - Syntax of VERIFY Data Field for option plaintext offline PIN Conditions: Terminal and LT support Offline PIN Verification. Different length of PIN are tested Procedure: Application in LT is selected and transaction is performed with LT for all PIN length tested Pass Criteria: The LT shall receive a VERIFY data field (associated to the VERIFY command field) with the correct syntax as defined in Book 3 Section 2.5.12.2
Page 104
Page 105
Application Selection
2CB.002.00 Definition of PSE
Test No. 2CB.002.00 Objective: To ensure that if the terminal supports selection with PSE, it understands PSE format and in particular recognize the FCI of the PSE and optional data objects Reference: 2RB.002.0 - Book 1 Section 7.3.3 - Definition of PSE Conditions: Terminal supports selection with PSE Procedure: Application Selection with PSE process is performed. Pass Criteria: The terminal shall accept the card. LT shall received a READ RECORD command with SFI coded according to SFI returned in FCI
Page 106
Page 107
Page 108
Page 109
Page 110
2CB.011.00 Matching AIDs: AID beginning with Terminal AID criteria supported
Test No. 2CB.011.00 Objective: To ensure that the terminal keeps for each application an indication of which matching criteria to use and in particular that the terminal is able to support AID beginning with terminal AID criteria Reference: 2RB.012.1 - Book 1 Section 8.3.1 - Matching AIDs: AID beginning with Terminal AID criteria supported Conditions: LT contains several applications. The beginning of the AID of these applications is identical and match the beginning of one of the AID kept in terminal Application have different priorities in the LT Terminal supports several AID but one of the supported AID has a value matching the beginning of all AID in LT Terminal supports AID beginning with terminal AID criteria for this AID A list is presented to the cardholder. Procedure: Application Selection using list of AID is performed with LT Pass Criteria: The terminal shall accept the card . Terminal shall indicate to cardholder which application can be selected
Page 111
2CB.013.00 Selection Using the Payment Systems Directory: Card Blocked or Command Not Supported
Test No. 2CB.013.00 Objective: To ensure that if the terminal supports selection with PSE, and card returns 6A 81 in response to the SELECT PSE command, the terminal terminates the transaction. Reference: 2RB.014.0 - Book 1 Section 8.3.2 - Selection Using the Payment Systems Directory: Card Blocked or Command Not Supported Conditions: Terminal supports selection with PSE LT returns 6A 81 to SELECT PSE command Procedure: Application Selection with PSE process is performed. Pass Criteria: The terminal shall terminate the transaction.
Page 112
2CB.014.00 Selection Using the Payment Systems Directory: SELECT PSE returns an error
Test No. 2CB.014.00 Objective: To ensure that if the terminal supports selection with PSE, and card returns status other than 90 00 or 6A 81 in response to the SELECT PSE command, the terminal switches to the list of applications method. Reference: 2RB.015.0 - Book 1 Section 8.3.2 - Selection Using the Payment Systems Directory: SELECT PSE returns an error Conditions: Terminal supports selection with PSE LT returns status other than 90 00 or 6A 81 to SELECT PSE command Procedure: Application Selection with PSE process is performed for all status tested. Pass Criteria: Terminal shall use the list of applications method.
Page 113
Page 114
Page 115
Page 116
Page 117
Page 118
Page 119
Page 120
Page 121
Page 122
Page 123
Procedure: Application Selection using list of AID is performed. Pass Criteria: After SELECT AID command, the LT shall receive SELECT AID with P2 option set to next until LT answer is '6A 82'. The terminal will not store the first AID as a selectable application
Page 124
2CB.031.06 DF name longer than AID & multiple occurrence & application not blocked
Test No. 2CB.031.06 Objective: To ensure that if the DF name in the ICC is longer than the AID in the terminal but are identical up to and including the last character in the terminal AID, the terminal shall check the Application Selection indicator. If the Application Selection Indicator indicates that multiple occurrence are permitted and if the application is not blocked, the terminal adds the AID to the candidate list and repeats the SELECT command using the same command data as before, but change P2 in the command to '02'. Reference: 2RB.029.2 - Book 1 Section 8.3.3 - DF name longer than AID & multiple occurrence & application not blocked Conditions: Terminal supports at least one AID DF Name contained in FCI returned by the LT for first AID selection is longer than terminal AID used for selection but they are identical up to and including the last character in the terminal AID Terminal Application Selection Indicator allows multiple occurrence for selected AID LT answers '90 00' to the first SELECT NEXT command
Procedure: Application Selection using list of AID is performed. Pass Criteria: After SELECT AID command, the LT shall receive SELECT AID with P2 option set to next The terminal shall store the first AID in the candidate list
Page 125
2CB.031.07 DF name longer than AID & multiple occurrence & application blocked
Test No. 2CB.031.07 Objective: To ensure that if the DF name in the ICC is longer than the AID in the terminal , but they are identical up to and including the last character in the terminal AID , the terminal shall check the Application Selection indicator. If the Application Selection Indicator indicates that multiple occurrence are permitted and if the application is blocked, the terminal does not add the AID to the candidate list and repeats the SELECT command using the same command data as before, but change P2 in the command to '02'. Reference: 2RB.029.3 - Book 1 Section 8.3.3 - DF name longer than AID & multiple occurrence & application blocked Conditions: Terminal supports at least one AID DF Name contained in FCI returned by the LT for first AID selection is longer than terminal AID used for selection but they are identical up to and including the last character in the terminal AID Terminal Application Selection Indicator allows multiple occurrence for selected AID LT answers '62 83' to the first SELECT command
Procedure: Application Selection using list of AID is performed. Pass Criteria: After SELECT AID command, the LT shall receive SELECT AID with P2 option set to next until LT answer is '6A 82'. The terminal shall not store the first AID as a selectable application.
Page 126
Page 127
Page 128
Page 129
Page 130
Page 131
Page 132
Page 133
Page 134
Page 135
Page 136
Page 137
2CB.055.00 Final Selection of Application from Candidate List: SELECT status different from 90 00
Test No. 2CB.055.00 Objective: To ensure that if the card returns a status different from '90 00' to the SELECT command sent to select the chosen application, the terminal removes the application from the list of mutually supported applications and switches back to the final application selection process Reference: 2RB.044.0 - Book 1 Section 8.3.4 - Final Selection of Application from Candidate List: SELECT status different from '90 00' Conditions: There are several matching AIDs between LT and Terminal Applications have different priorities LT returns status different from '90 00' after final selection Procedure: Application Selection using PSE or List of AID is performed. Pass Criteria: Terminal shall remove the application from the candidate list and shall switch back to the final selection process after the card answered to final SELECT with status different from '90 00' The candidate list generated during the second selection process shall not contain anymore the application used during the above final SELECT
Page 138
Security Aspects
2CC.003.00 Terminal shall be able to store 6 CA Index per RID
Test No. 2CC.003.00 Objective: To ensure that if the terminal supports Static Data Authentication, it is able to store 6 Certification Authority Public Keys and the key-related information to be used with the key and it is able, given RID and Certification Authority Public Key Index, to locate such key. Reference: 2RC.003.00 - Book 2 - Section 5 - Requirements Terminal Must Meet to Perform SDA Conditions: Terminal is loaded with 6 Certification Authority Public Keys and associated data Static signature in LT is good (for each combination above) Terminal and LT support Static Data Authentication CDOL1 requests TSI and TVR. Procedure: Application in LT is selected and transaction is processed with LT (in particular Static Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 7 = 0 ie Offline Static Data Authentication succeeded TSI byte 1, bit 8 = 1 ie Offline Data Authentication was performed
Page 139
Page 140
Page 141
+ 1 (2 values
Page 142
+ 1 as exponent for
Reference: 2RC.008.0, Book 2 - Section5.1 - Value of Issuer Public Key Exponent Conditions: Static signature in LT is good Exponent of Issuer Public Key is 3 or 216 + 1 (2 values tested) Terminal and LT support Static Data Authentication CDOL1 requests TSI and TVR Procedure: Application in LT is selected and transaction is processed with LT (in particular Static Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 7 = 0 ie Offline Static Data Authentication succeeded TSI byte 1, bit 8 = 1 ie Offline Data Authentication was performed
Page 143
Page 144
Page 145
Page 146
Page 147
Page 148
Page 149
Page 150
Page 151
Page 152
2CC.020.00 Difference between calculated Hash Result and recovered Hash Result
Test No. 2CC.020.00 Objective: To ensure that the terminal fails the Static Data Authentication, if the calculated Hash Result is different from the Hash Result recovered from the Issuer Public Key Certificate Reference: 2RC.017.0 , Book 2 - Section 5.3 - Difference between calculated Hash Result and recovered Hash Result Conditions: Issuer Public Key Certificate in LT is calculated with a bad Hash value Terminal and LT support Static Data Authentication CDOL1 requests TSI and TVR. Procedure: Application in LT is selected and transaction is processed with LT (in particular Static Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 7 = 1 ie Offline Static Data Authentication failed TSI byte 1, bit 8 = 1 ie Offline Data Authentication was performed
Page 153
Page 154
Page 155
2CC.023.00 RID, CA Public Key Index and Certificate Serial Number not valid
Test No. 2CC.023.00 Objective: To ensure that the terminal fails the Static Data Authentication, if the concatenation of RID, CA Public Key Index and Certificate Serial Number indicates a revocated Certificate Reference: 2RC.020.0 , Book 2 - Section 5.3 - RID, CA Public Key Index and Certificate Serial number not valid Conditions: Issuer Public Key Certificate in LT is calculated with RID, CA Public Key Index and Certificate Serial Number such as the certificate is in the revocation list of the terminal Terminal supports revocation of the Issuer Public Key Certificate Terminal and LT support Static Data Authentication CDOL1 requests TSI and TVR Procedure: Application in LT is selected and transaction is processed with LT (in particular Static Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 7 = 1 ie Offline Static Data Authentication failed TSI byte 1, bit 8 = 1 ie Offline Data Authentication was performed
Page 156
Page 157
Page 158
Page 159
Page 160
Page 161
2CC.031.00 Difference between calculated Hash Result and recovered Hash Result
Test No. 2CC.031.00 Objective: To ensure that the terminal fails the Static Data Authentication, if the calculated Hash Result is different from the Hash Result recovered from Signed Static Application Data Reference: 2RC.028.0 , Book 2 - Section 5.4 - Difference between calculated Hash Result and recovered Hash Result Conditions: Signed Static Application Data in LT is calculated with a bad Hash value Terminal and LT support Static Data Authentication CDOL1 requests TSI and TVR Procedure: Application in LT is selected and transaction is processed with LT (in particular Static Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 7 = 1 ie Offline Static Data Authentication failed TSI byte 1, bit 8 = 1 ie Offline Data Authentication was performed
Page 162
Page 163
CDOL1 requests TSI ,TVR and Tag '9F 45' Data Authentication is 'DA C0'
Procedure: Application in LT is selected and transaction is processed with LT (in particular Static Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 7 = 0 ie Offline SDA succeeded TSI byte 1, bit 8 = 1 ie Offline Data Authentication was performed Value of Tag '9F 45' is 'DA C0' in CDOL1
Page 164
Page 165
Page 166
Page 167
Page 168
+ 1 as exponent for
Reference: 2RC.038.0 , Book 2 - Section 6.1 - Value of Issuer Public Key Exponent Conditions: Dynamic signature computed by LT is good Exponent of Issuer Authority Public Key is 3 or 216 + 1 (2 values tested) Terminal and LT support Dynamic Data Authentication CDOL1 requests TSI and TVR Procedure: Application in LT is selected and transaction is processed with LT (in particular Dynamic Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 4 = 0 ie Offline Dynamic Data Authentication succeeded TSI byte 1, bit 8 = 1 ie Offline Data Authentication was performed
Page 169
Page 170
Page 171
Page 172
Page 173
Page 174
Page 175
Page 176
Page 177
Page 178
Page 179
Page 180
2CC.055.00 Difference between calculated Hash Result and recovered Hash Result
Test No. 2CC.055.00 Objective: To ensure that the terminal fails the Dynamic Data Authentication, if the calculated Hash Result is different from the Hash Result recovered from the Issuer Public Key Certificate. Reference: 2RC.048.0 , Book 2 - Section 6.3 - Difference between calculated Hash Result and recovered Hash Result Conditions: Terminal and LT support Dynamic Data Authentication Issuer Public Key Certificate in LT is calculated with a bad Hash value CDOL1 requests TSI and TVR Procedure: Application in LT is selected and transaction is processed with LT (in particular Dynamic Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 4 = 1 ie Offline Dynamic Data Authentication failed TSI byte 1, bit 8 = 1 ie Offline Data Authentication was performed
Page 181
Page 182
Page 183
2CC.058.00 RID, CA Public Key Index and Certificate Serial Number not valid
Test No. 2CC.058.00 Objective: To ensure that the terminal fails the Dynamic Data Authentication, if the concatenation of RID, CA Public Key Index and Certificate Serial Number indicates a revocated Certificate. Reference: 2RC.051.0 , Book 2 - Section 6.3 - RID, CA Public Key Index and Certificate Serial number not valid Conditions: Terminal supports revocation of the Issuer Public Key Certificate Terminal and LT support Dynamic Data Authentication Issuer Public Key Certificate in LT is calculated with RID, CA Public Key Index and Certificate Serial Number such as the certificate is in the revocation list of the terminal CDOL1 requests TSI and TVR. Procedure: Application in LT is selected and transaction is processed with LT (in particular Dynamic Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 4 = 1 ie Offline Dynamic Data Authentication failed TSI byte 1, bit 8 = 1 ie Offline Data Authentication was performed
Page 184
Page 185
Page 186
Page 187
Page 188
Page 189
2CC.066.00 Difference between calculated Hash Result and recovered Hash Result
Test No. 2CC.066.00 Objective: To ensure that the terminal fails the Dynamic Data Authentication, if the calculated Hash Result is different from the Hash Result recovered from the ICC Public Key Certificate. Reference: 2RC.059.0 , Book 2 - Section 6.4 - Difference between calculated Hash Result and recovered Hash Result Conditions: Terminal and LT support Dynamic Data Authentication ICC Public Key Certificate in LT is calculated with a bad Hash value CDOL1 requests TSI and TVR Procedure: Application in LT is selected and transaction is processed with LT (in particular Dynamic Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 4 = 1 ie Offline Dynamic Data Authentication failed TSI byte 1, bit 8 = 1 ie Offline Data Authentication was performed
Page 190
Page 191
Page 192
Page 193
Page 194
Page 195
Page 196
Page 197
Page 198
Page 199
Page 200
Page 201
Page 202
Page 203
2CC.083.00 Difference between calculated Hash Result and recovered Hash Result
Test No. 2CC.083.00 Objective: To ensure that the terminal fails the Dynamic Data Authentication, if the calculated Hash Result is different from the Hash Result recovered from the Signed Dynamic Application Data. Reference: 2RC.075.0 , Book 2 - Section 6.5.2 - Difference between calculated Hash Result and recovered Hash Result Conditions: Terminal and LT support Dynamic Data Authentication Signed Dynamic Application Data is calculated by LT with a bad Hash value CDOL1 requests TSI and TVR Procedure: Application in LT is selected and transaction is processed with LT (in particular Dynamic Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 4 = 1 ie Offline Dynamic Data Authentication failed TSI byte 1, bit 8 = 1 ie Offline Data Authentication was performed
Page 204
Page 205
Page 206
Procedure: Application in LT is selected and transaction is processed with LT (in particular Dynamic Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 4 = 0 ie Offline DDA succeeded TSI byte 1, bit 8 = 1 ie Offline Data Authentication was performed Value of Tag '9F 4C' shall be the same as used in DDA
Page 207
Page 208
Page 209
Page 210
2CC.096.00 ICC PIN Encipherment Public Key recovering: ICC PIN Encipherment Public Key
Test No. 2CC.096.00 Objective: To ensure that if the terminal supports offline PIN encryption, it is able to retrieve the ICC PIN encipherment Public Key if data in table 20, Book 2 is present in the card. Reference: 2RC.089.0 , Book 2 - Section 7.1 - ICC PIN Encipherment Public Key recovering: ICC PIN Encipherment Public Key Conditions: Terminal and LT support Offline PIN encryption PIN Encipherment Public Key and associated data are present in LT Data in table 20, Book 2 - Section 7.1 is present in the LT. CVM requires 'Enciphered PIN verification Offline' Procedure: Application in LT is selected and transaction is processed with LT (in particular Cardholder verification). Pass Criteria: The terminal shall process the transaction until completion. Once deciphered with PIN encipherment private Key, the LT shall recover the PIN value presented and unpredictable Number generated by LT
Page 211
2CC.097.00 ICC PIN Encipherment Public Key recovery: ICC Issuer Public Key
Test No. 2CC.097.00 Objective: To ensure that if the terminal supports offline PIN encryption, it is able to retrieve the ICC Public Key if data in table 20, Book 2, is not present in the card, but all data elements in table 8, Book 2, are present in the ICC, if ICC 16 Public Key Exponent is = 3 or 2 +1. Reference: 2RC.090.0 , Book 2 - Section 7.1 - ICC PIN Encipherment Public Key recovering ICC Issuer Public Key Conditions: Terminal and LT support Offline PIN encryption ICC Public Key and associated data are present in LT Data in table 20, Book 2 is not present in the LT , but all data elements in table 11, Book 2 are present in the LT, if the ICC Public Key Exponent is = 3 or 216 +1. CVM requires 'Enciphered PIN verification Offline' CDOL1 requests TSI and TVR Procedure: Application in LT is selected and transaction is processed with LT (in particular Cardholder verification). Pass Criteria: The terminal shall process the transaction until completion. Once deciphered with ICC private Key, the LT shall recover the PIN value presented within the PIN block and the unpredictable Number generated by LT TSI byte 1, bit 7=1 ie Cardholder verification was performed TVR byte 3, bit 8=0 ie Cardholder verification was successful
Page 212
Procedure: Application in LT is selected and transaction is processed with LT (in particular Cardholder verification). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 3, bit 8 = 1 ie Cardholder verification was not successful
Page 213
Page 214
Page 215
2CC.102.00 VERIFY
Test No. 2CC.102.00 Objective: To ensure that if the terminal supports offline PIN encryption, it issues a VERIFY command containing the Enciphered PIN Data Reference: 2RC.095.0 , Book 2 - Section 7.2 - VERIFY Conditions: Terminal and LT support Offline PIN encryption ICC Public Key and associated data are present in LT CVM requires 'Enciphered PIN verification Offline' Procedure: Application in LT is selected and transaction is processed with LT (in particular Cardholder verification). Pass Criteria: The terminal shall process the transaction until completion. The LT shall receive a VERIFY command from the terminal with Enciphered PIN Data in the data field
Page 216
Page 217
Page 218
Page 219
The following pass criteria only applies if the terminal has the ability to store declined transactions: TVR byte 1, bit 3 shall be set to 1 indicating Combined DDA/AC Generation failed.
Page 220
The following pass criteria only applies if the terminal has the ability to store declined transactions. TVR byte 1, bit 3 shall be set to 1 indicating Combined DDA/AC Generation failed.
Page 221
Page 222
Page 223
Page 224
Page 225
2CC.127.00 Recovered CID different from CID obtained after Generate AC (1)
Test No. 2CC.127.00 Objective: To ensure that the terminal checks that the CID recovered is the same as the one transmitted in the response to the Generate AC Reference: Based on Bulletin N 6 Conditions: CDOL1 and CDOL2 in LT include Unpredictable Number generated by the terminal (tag 9F 37) Terminal and LT support Enhanced Combined DDA/AC LT responds with TC CID in signature is ARQC CDOL2 requests TVR and TSI Procedure: Application in LT is selected and transaction is processed with LT (in particular Enhanced Combined DDA/AC). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 3 = 1 i.e. Combined DDA/AC Generation failed TSI byte 1, bit 8 = 1 i.e. Offline Data Authentication was performed
Page 226
2CC.127.01 Recovered CID different from CID obtained after Generate AC (2)
Test No. 2CC.127.01 Objective: To ensure that the terminal checks that the CID recovered is the same as the one transmitted in the response to the Generate AC. Reference: Based on Bulletin N 6 Conditions: CDOL1 and CDOL2 in LT includes Unpredictable Number generated by the terminal (tag 9F 37) Terminal and LT support Enhanced Combined DDA/AC LT responds with a ARQC CID in signature is TC CDOL2 requests TVR and TSI Procedure: Application in LT is selected and transaction is processed with LT (in particular Enhanced Combined DDA/AC). Pass Criteria: The terminal shall process the transaction until completion.
TVR byte 1, bit 3 = 1 i.e. Combined DDA/AC Generation failed TSI byte 1, bit 8 = 1 i.e. Offline Data Authentication was performed
Page 227
Page 228
Page 229
Page 230
Page 231
Page 232
Page 233
The following pass criteria only applies if the terminal has the ability to store declined transactions: TVR byte 1, bit 3 shall be set to 1 indicating Combined DDA/AC Generation failed.
Page 234
Page 235
Page 236
Data Objects
2CE.001.00 Length field: 1 byte
Test No. 2CE.001.00 Objective: To ensure that terminal is able to support Data Object with Length on 1 byte (b8 = 0) Reference: 2RE.001.0 - Book 3 Annex B - Length field Conditions: LT contains Data Objects to be read with length on one byte (PAN for instance) Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion and shall manage correctly the Data Object with length on 1 byte received.
Page 237
Page 238
Security Mechanisms
2CG.002.00 Signature verification
Test No. 2CG.002.00 Objective: To ensure that the terminal verifies signature as described in Book 2 Annex A 2.1 Reference: 2RG.002.0 - Book 2 Annex A - Signature verification Conditions: Issuer Public Key Certificate and Static signature in LT are good Terminal and LT support Static Data Authentication CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT (in particular Static Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 7 = 0 ie Offline Static Data Authentication succeeded
Page 239
Page 240
Page 241
Reference: 2RH.004.0 - Book 2 Annex B2 Section 1 - Upper bound for size of moduli Conditions: Terminal supports either Dynamic or Static Data Authentication 2 tests are performed: 1. LT supports Dynamic Data Authentication , length NIC = 248 bytes, length NI = 248 bytes, length NCA = 248 bytes, Dynamic signature computed by LT is good 2. LT supports Static Data Authentication , length NI = 248 bytes, length NCA = 248 bytes, Static signature in LT is good CDOL1 requests TSI and TVR
Procedure: Application in LT is selected and transaction is processed with LT (in particular Dynamic or Static Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 4 = 0 or bit 7 =0 ie Offline Dynamic or Static Data Authentication succeeded TSI byte 1, bit 8 = 1 ie Offline Data Authentication was performed
Page 242
Page 243
for
Payment
Page 244
2CI.002.00
Test No. 2CI.002.00
Objective: To ensure that the terminal is able to read data in file with linear structure and records with fix size or variable size using READ RECORD command Reference: 2RI.002.0 - Book 3 Section 3 - READ RECORD in linear files Conditions: One Mandatory Data Element (PAN for instance) is located in file with linear structure and records with fix size Another Mandatory Data Element (Expiration Date for Instance) is located in file with linear structure and records with variable size Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion.
2CI.003.00 records
Test No. 2CI.003.00
Objective: To ensure that the terminal is able to read data in file with several records using READ RECORD command Reference: 2RI.003.0 - Book 3 Section 3 - READ RECORD in files containing multiple records Conditions: One Mandatory Data Element (PAN for instance) is located in first record of a file Another Mandatory Data Element (Expiration Date for Instance) is located in second record of same file Another Mandatory Data Element (CDOL1 and CDOL2 for Instance) is located in third record of same file Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion.
Page 245
2CI.004.00 READ RECORD with the record size in the range from 1 to 254 bytes
Test No. 2CI.004.00 Objective: To ensure that the terminal is able to read data in file with record size in range from 1 to 254 bytes using READ RECORD command Reference: 2RI.004.0 - Book 3 Section 3 - READ RECORD with the record size in the range from 1 to 254 bytes Conditions: A record containing only the template and length equals to 00 (70 00) is located in a single record A Data Element with average length is located in a single record (for instance Signed Static Application Data or CDOL1) A Data Element with maximum length (Total length including Tag and Length and Template is 254) is located in a single record (for instance CDOL1) Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion.
2CI.005.00
Test No. 2CI.005.00
Objective: To ensure that the terminal is able to extract data read in record from template 0x70. Reference: 2RI.005.0 - Book 3 Section 3 - Record Data Format Conditions: Mandatory Data Elements (PAN, Expiration Date, CDOL1 and CDOL2) are located in a record within template 0x70 Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion.
Page 246
2CI.007.00 Free access conditions for files accessible using the READ RECORD command
Test No. 2CI.007.00 Objective: To ensure that the terminal is able to read data in a file with free access conditions Reference: 2RI.007.0 - Book 3 Section 3 - Free access conditions for files accessible using the READ RECORD command Conditions: Mandatory Data Elements are located in a file with free access conditions Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion.
2CI.008.00
Test No. 2CI.008.00
Objective: To ensure that the terminal is able to interpret the AFL and read data in the card using READ RECORD command according to the AFL information Reference: 2RI.008.0 - Book 3 Section 3 - READ RECORD in the Application File Locator Conditions: AFL bytes 1,2, & 3 are tested in the LT Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The LT shall receive a sequence of READ RECORD commands according to the AFL
Page 247
2CI.009.00 Date
Test No. 2CI.009.00
Objective: To ensure that the terminal checks that mandatory Data Object Application Expiration Date is present in the card and is able to use it. Reference: 2RI.010.0 - Book 3 Section 3.1 - Mandatory Data Objects: Application Expiration Date Conditions: Application Expiration Date is present in LT Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion
2CI.010.00
Test No. 2CI.010.00
Objective: To ensure that the terminal checks that mandatory Data Object PAN is present in the card and is able to use it. Reference: 2RI.010.1 - Book 3 Section 3.1 - Mandatory Data Objects: PAN Conditions: PAN is present in LT
Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion
Page 248
2CI.011.00
Test No. 2CI.011.00
Objective: To ensure that the terminal checks that mandatory Data Object CDOL1 is present in the card and is able to use it. Reference: 2RI.010.2 - Book 3 Section 3.1 - Mandatory Data Objects: CDOL 1 Conditions: CDOL1 is present in LT
Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall send the first Generate AC with the data requested in CDOL1
2CI.012.00
Test No. 2CI.012.00
Objective: To ensure that the terminal checks that mandatory Data Object CDOL2 is present in the card and is able to use it. Reference: 2RI.010.3 - Book 3 Section 3.1 - Mandatory Data Objects: CDOL 2 Conditions: CDOL2 is present in LT The LT requests an ARQC at first generate AC
Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall send an 2nd Generate AC with the data requested in CDOL2
Page 249
2CI.013.00
Test No. 2CI.013.00
Objective: To ensure that the terminal accepts presence or absence of optional Data Object. Reference: 2RI.010.4 - Book 3 Section 3.1 - Optional Data Objects Conditions: Test is made with presence and absence of Optional Data Objects: (All Data Objects coming from card and read with READ RECORD except those listed in Book 3 table II-2, table II-3, table II-4.
Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion
Page 250
Page 251
Page 252
2CI.017.00
Test No. 2CI.017.00
Objective: To ensure that the terminal is able to retrieve the PTC using the GET DATA command Reference: 2RI.014.0 - Book 3 Section 3.2 - GET DATA on PIN Try Counter Conditions: Both terminal and LT support Offline PIN verification Terminal supports GET DATA for PTC
Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion LT shall receive a GET DATA command ( 80 CA 9F 17 )
2CI.018.00
Test No. 2CI.018.00
Objective: To ensure that the terminal is able to retrieve the LOATC using the GET DATA command Reference: 2RI.015.0 - Book 3 Section 3.2 - GET DATA on Last Online ATC Register Conditions: Lower and Upper consecutive Offline limits are present in LT Terminal supports Velocity Checking CDOL1 requests TVR LT supports Terminal Risk Management
Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion TVR byte 1, bit 6 = 0 ie No ICC Data missing LT shall receive a GET DATA command ( 80 CA 9F 13 )
Page 253
2CI.019.00 ICC
Test No. 2CI.019.00
Objective: To ensure that the terminal retrieves the ATC using the GET DATA command when Lower and Upper consecutive Offline limits are present in the card Reference: 2RI.016.0 - Book 3 Section 3.2 - Both the Lower and the Upper Consecutive Offline Limit data objects exist in the ICC Conditions: Lower and Upper consecutive Offline limits are present in LT Terminal supports Velocity Checking CDOL1 requests TVR LT supports terminal risk management
Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion TVR byte 1, bit 6 = 0 ie No ICC Data missing LT shall receive a GET DATA command ( 80 CA 9F 36 )
Page 254
2CI.020.00 Either the LCOL or the UCOL data objects is not present in the ICC
Test No. 2CI.020.00 Objective: To ensure that the terminal abort velocity checking when either Lower or Upper consecutive Offline limits are not present in the card Reference: 2RI.017.0 - Book 3 Section 3.2 - Either the Lower or the Upper Consecutive Offline Limit data objects is not present in the ICC Conditions: LT supports terminal risk management Terminal supports velocity checking Either Lower or Upper consecutive Offline limits are not present in LT
Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: Terminal will terminate Velocity checking, The terminal shall process the transaction until completion LT shall not receive a GET DATA command for the ATC ( 80 CA 9F 36 ) LT shall not receive a GET DATA command for the LOATC (80 CA 9F 13)
Page 255
2CI.021.00 command
Test No. 2CI.021.00
Objective: To ensure that the terminal is able to retrieve and understand both AFL and AIP, using the GET PROCESSING OPTIONS Reference: 2RI.018.0 - Book 3 Section 3.3 - Data retrievable by GET PROCESSING OPTIONS command Conditions: AFL and AIP are present in the LT CDOL1 and CDOL2 request TSI and TVR Issuer authentication shall be verified by CDOL2 if terminal has online capability Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion LT shall receive a GET PROCESSING OPTIONS command LT shall receive a sequence of READ RECORD according to AFL TVR, TSI and command received by the LT shall reflect options supported in AIP (Offline Authentication, Cardholder Verification, Terminal Risk Management and Issuer Authentication)
Page 256
Page 257
2CI.023.00 Functions not specified in the AIP: Offline Static Data Authentication
Test No. 2CI.023.00 Objective: To ensure that the terminal does not perform Offline Static Data Authentication if not supported in AIP Reference: 2RI.019.1 - Book 3 Section 4 - Functions not specified in the Application Interchange Profile: Offline Static Data Authentication Conditions: AIP returned by LT specifies that Offline Static Data Authentication is not supported and Offline Dynamic Data Authentication neither CDOL1 request TSI and TVR Testers will select a payment scheme EMV AID or a generic AID (eg. Non EMV AID) , in the event of payment scheme interference of the EMV functionality Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion TVR byte 1, bit 8 = 1 ie Offline Data Authentication was not performed TSI byte 1, bit 8 = 0 ie Offline Data Authentication was not performed
Page 258
Page 259
2CI.025.00 Functions not specified in the AIP: Offline Dynamic Data Authentication
Test No. 2CI.025.00 Objective: To ensure that the terminal does not perform Offline Dynamic Data Authentication if not supported in AIP Reference: 2RI.019.3 - Book 3 Section 4 - Functions not specified in the Application Interchange Profile: Offline Dynamic Data Authentication Conditions: AIP returned by LT specifies that Offline Dynamic Data Authentication is not supported and Offline Static Data Authentication neither CDOL1 request TSI and TVR Testers will select a payment scheme EMV AID or a generic AID (eg. Non EMV AID) , in the event of payment scheme interference of the EMV functionality Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion TVR byte 1, bit 8 = 1 ie Offline Data Authentication was not performed TSI byte 1, bit 8 = 0 ie Offline Data Authentication was not performed
Page 260
Page 261
Page 262
Page 263
TVR byte 4, bit 5=0 ie Transaction not selected randomly TSI byte 1, bit 4 = 0 ie Terminal Risk Management was not performed
Page 264
Page 265
Page 266
2CI.032.00
Test No. 2CI.032.00
Exception Handling
Objective: To ensure that the terminal terminates the transaction in case of status returned by the card different from 90 00, 63 Cx, 62 83 unless otherwise specified in Book 3. Reference: 2RI.020.0 - Book 3 Section 4.1 - Exception Handling Conditions: LT returns status different from 90 00, 63 Cx, 62 83 to command sent by the Terminal. Test is performed with several command and with several status except for the following configurations: SW1SW2 = '6985' at GPO SW1SW2 = '6983' or '6984' or '63Cx' at VERIFY if LT and terminal support Offline PIN SW1SW2 = any error code at GET DATA requesting PTC if LT and terminal support Offline PIN SW1SW2 = any error code at GET DATA requesting ATC and LATC if LT and terminal support Velocity Checking as Terminal Risk management SW1SW2 = 6300 at External Authenticate
Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall terminate the transaction
Page 267
2CI.033.00 Functions specified in the Application Interchange Profile: Enhanced Combined DDA / GENERATE AC
Test No. 2CI.033.00 Objective: To ensure that the terminal performs Enhanced Combined DDA / GENERATE AC if supported by the ICC as specified in the Application Interchange Profile. Reference: 2RI.021.0 - Book 3 Section 4 - Functions specified in the Application Interchange Profile: Combined DDA / GENERATE AC Conditions: CDOL1 and CDOL2 in ICC includes Unpredictable Number generated by the terminal (tag 9F 37) AIP indicates that ICC supports Enhanced Combined DDA/AC The terminal supports Enhanced Combined DDA/AC CDOL1 requests also TSI and TVR. ICC responds with a TC or ARQC Procedure: Application in LT is selected and transaction is processed with LT (in particular Combined Dynamic Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR and TSI (contained in Batch Data Captured message or other) shall have TVR byte 1, bit 3 = 0 ie Offline Enhanced Combined DDA succeeded TSI byte 1, bit 8 = 1 ie Offline Data Authentication was performed
Page 268
2CI.034.00 Functions not specified in the Application Interchange Profile: Enhanced Combined DDA / GENERATE AC
Test No. 2CI.034.00 Objective: To ensure that the terminal does not perform Enhanced Combined DDA / GENERATE AC if not supported by the ICC as specified in the Application Interchange Profile. Reference: 2RI.021.1 - Book 3 Section 4 - Functions not specified in the Application Interchange Profile: Enhanced Combined DDA / GENERATE AC Conditions: CDOL1 and CDOL2 in ICC includes Unpredictable Number generated by the terminal (tag 9F 37) AIP does not indicate that ICC supports Enhanced Combined DDA/AC, neither SDA nor DDA The terminal supports Enhanced Combined DDA/AC CDOL1 requests also TSI ICC responds with a TC or ARQC Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall not ask the ICC to process a combined DDA in 1st Generate AC The terminal shall process the transaction until completion. TVR and TSI (contained in Batch Data Captured message or other) shall have TSI byte 1, bit 8 = 0 ie Offline Data Authentication was not performed
Page 269
Page 270
2CJ.003.00 GET PROCESSING OPTIONS data field, when PDOL is provided in FCI
Test No. 2CJ.003.00 Objective: To ensure that if PDOL is present in the FCI of selected ADF, the terminal sends the GET PROCESSING OPTIONS command with a data field populated with a constructed data object with a tag of 83, a length field with appropriate length and, a value field of concatenated data elements coded according to the PDOL Reference: 2RJ.003.0 - Book 3 Section 6.1 - GET PROCESSING OPTIONS data field, when PDOL is provided in FCI Conditions: PDOL is sent back by the LT in FCI of selected ADF (test is made with several PDOL values) Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: LT shall receive a GET PROCESSING OPTIONS command with a data field containing a data object with Tag 83 and a value field of concatenated data elements coded according to the PDOL
2CJ.004.00 GET PROCESSING OPTIONS data field, when PDOL is not provided in FCI
Test No. 2CJ.004.00 Objective: To ensure that if PDOL is not present in the FCI of selected ADF, the terminal sends the GET PROCESSING OPTIONS command with a data field populated with a constructed data object with a tag of 83, and a length 0 Reference: 2RJ.004.0 - Book 3 Section 6.1 - GET PROCESSING OPTIONS data field, when PDOL is not provided in FCI Conditions: No PDOL is sent back by the LT in FCI of selected ADF Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: LT shall receive a GET PROCESSING OPTIONS command with a data field containing a data object with Tag 83 and a length 0
Page 271
Page 272
Page 273
Page 274
Page 275
Page 276
Page 277
Page 278
Page 279
Page 280
2CJ.018.00 Record Data Format: Proprietary data participating in offline data authentication
Test No. 2CJ.018.00 Objective: To ensure that the terminal is able to read and include in Offline data authentication, data objects located in proprietary files provided that proprietary files are readable without conditions by READ RECORD command Reference: 2RJ.016.1 - Book 3 Section 6.2 - Data located in proprietary records Conditions: An EMV Data Object is included in a record, located in a proprietary file, and listed in AFL and included in the data to be signed Terminal and LT support Static Data Authentication Signed Static Application Data is good CDOL1 requests TSI and TVR Procedure: Application in LT is selected and transaction is processed with LT (in particular Static Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 7 = 0 ie Offline Static Data Authentication succeeded TSI byte 1, bit 8 = 1 ie Offline Data Authentication was performed
Page 281
Page 282
2CJ.021.00 Both the Terminal and the Card support Enhanced Combined DDA/AC (TC, 1st Generate AC)
Test No. 2CJ.021.00 Objective: To ensure that if both the card and the terminal support Enhanced Combined DDA/AC, the terminal performs Enhanced Combined DDA/AC. Reference: Based on Bulletin N 6 Conditions: Terminal and LT support Enhanced Combined DDA/AC CDOL1 and CDOL2 include Unpredictable Number generated by the terminal (tag 9F 37) LT answers TC at 1st Generate AC Enhanced Combined DDA/AC Generation signature generated by LT is good Procedure: Application in LT is selected and transaction is processed with LT (in particular Enhanced Combined DDA/AC). Pass Criteria: The terminal shall process the transaction until completion. TVR and TSI (contained in Financial Confirmation message or Batch Data Captured message or other) shall have: TVR byte 1, bit 3 = 0 i.e. Combined DDA/AC Generation succeeded TSI byte 1, bit 8 = 1 i.e. Offline Data Authentication was performed
Page 283
2CJ.021.01 Both the Terminal and the Card support Enhanced nd Combined DDA/AC (TC, 2 Generate AC)
Test No. 2CJ.021.01 Objective: To ensure that if both the card and the terminal support Enhanced Combined DDA/AC, the terminal performs Enhanced Combined DDA/AC. Reference: Based on Bulletin N 6 Conditions: Terminal and LT support Enhanced Combined DDA/AC CDOL1 and CDOL2 include Unpredictable Number generated by the terminal (tag 9F 37) LT answers ARQC at 1st Generate AC and TC at 2nd Generate AC Enhanced Combined DDA/AC Generation signature generated by LT is good Procedure: Application in LT is selected and transaction is processed with LT (in particular Enhanced Combined DDA/AC). Pass Criteria: The terminal shall process the transaction until completion. TVR and TSI (contained in Financial Confirmation message or Batch Data Captured message or other) shall have: TVR byte 1, bit 3 = 0 i.e. Combined DDA/AC Generation succeeded TSI byte 1, bit 8 = 1 i.e. Offline Data Authentication was performed
Page 284
2CJ.021.02 Both the Terminal and the Card support Enhanced Combined DDA/AC (ARQC)
Test No. 2CJ.021.02 Objective: To ensure that if both the card and the terminal support Enhanced Combined DDA/AC, the terminal performs Enhanced Combined DDA/AC. Reference: Based on Bulletin N 6 Conditions: Terminal and LT support Enhanced Combined DDA/AC CDOL1 and CDOL2 include Unpredictable Number generated by the terminal (tag 9F 37) LT answers ARQC at 1st Generate AC Enhanced Combined DDA/AC Generation signature generated by LT is good Procedure: Application in LT is selected and transaction is processed with LT (in particular Enhanced Combined DDA/AC). Pass Criteria: The terminal shall process the transaction until completion. TVR and TSI (contained in Financial Confirmation message or Batch Data Captured message or other) shall have: TVR byte 1, bit 3 = 0 i.e. Combined DDA/AC Generation succeeded TSI byte 1, bit 8 = 1 i.e. Offline Data Authentication was performed
Page 285
2CJ.022.00 Both the Terminal and the Card support Offline SDA
Test No. 2CJ.022.00 Objective: To ensure that if both the card and the terminal support Offline Static Data Authentication, and either terminal or card does not support Offline Dynamic Data Authentication, and either the card or terminal (or both) does not support Enhanced Combined DDA/AC Generation, the terminal performs Offline Static Data Authentication. Reference: Based on Bulletin N 6 Conditions: Terminal and LT support Static Data Authentication LT and/or Terminal do not support DDA LT and/or Terminal do not support Enhanced Combined DDA/AC Static signature in LT is not good CDOL1 request TVR and TSI Procedure: Application in LT is selected and transaction is processed with LT (in particular Static Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 7 = 1 i.e. Offline Static Data Authentication failed TSI byte 1, bit 8 = 1 i.e. Offline Data Authentication was performed
Page 286
2CJ.023.00 Both the Offline DDA and the Offline SDA are supported
Test No. 2CJ.023.00 Objective: To ensure that if both the card and the terminal support Offline Static Data Authentication, and Offline Dynamic Data Authentication, and either the card or terminal (or both) does not support Enhanced Combined DDA/AC Generation, the terminal performs only Offline Dynamic Data Authentication. Reference: Based on Bulletin N 6 Conditions: Terminal and LT supports Static Data Authentication Terminal and LT supports Dynamic Data Authentication Dynamic signature generated by LT is not good Issuer Public Key Certificate in LT is not good LT and/or Terminal do not support Enhanced Combined DDA/AC CDOL1 requests TVR and TSI Procedure: Application in LT is selected and transaction is processed with LT (in particular Dynamic Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 7 = 0 i.e. Offline Static Data Authentication was not failed TVR byte 1, bit 4 = 1 i.e. Offline Dynamic Data Authentication failed TSI byte 1, bit 8 = 1 i.e. Offline Data Authentication was performed
Page 287
2CJ.024.00 Neither the Offline DDA nor the Offline SDA nor the Enhanced Combined DDA/AC is performed
Test No. 2CJ.024.00 Objective: To ensure that if neither Offline Static Data Authentication, or Offline Dynamic Data Authentication or the Enhanced Combined DDA/AC Generation is performed, the terminal sets the Offline data authentication was not performed bit in the TVR to 1b. Reference: Based on Bulletin N 6 Conditions: LT and/or Terminal do not support Static Data Authentication LT and/or Terminal do not support Dynamic Data Authentication LT and/or Terminal do not support Enhanced Combined DDA/AC Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion. TVR and TSI (contained in Financial Confirmation message or Batch Data Captured message or other) shall have: TVR byte 1, bit 8 = 1 i.e. Offline Data Authentication not performed TSI byte 1, bit 8=0 i.e. Offline data authentication was not performed.
Page 288
Page 289
2CJ.026.00 Rules for Processing the records identified by the AFL, when the Offline DDA is performed (1)
Test No. 2CJ.026.00 Objective: To ensure that when terminal performs Dynamic Data Authentication and builds the string to be signed, the terminal does not include tag 70 and length for records referenced in AFL as participating in Dynamic Data Authentication and located in files with SFI in range 1 to 10 Reference: 2RJ.025.0 - Book 3 Section 6.3 - Rules for Processing the records identified by the AFL, when the Offline DDA is performed (1) Conditions: LT and terminal support Dynamic Data Authentication CDOL1 requests TSI and TVR some records participating in Dynamic Data Authentication are located in file with SFI in range 1 to 10 Dynamic signature generated by the LT is good Procedure: Application in LT is selected and transaction is processed with LT (in particular Dynamic Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 4 = 0 ie Offline Dynamic Data Authentication succeeded TSI byte 1, bit 8 = 1 ie Offline Data Authentication was performed
Page 290
2CJ.027.00 Rules for Processing the records identified by the AFL, when the Offline DDA is performed (2)
Test No. 2CJ.027.00 Objective: To ensure that when terminal performs Dynamic Data Authentication and builds the string to be signed, the terminal includes all data of records referenced in AFL as participating in Dynamic Data Authentication and located in files with SFI in range 11 to 30. Reference: 2RJ.026.0 - Book 3 Section 6.3 - Rules for Processing the records identified by the AFL, when the Offline DDA is performed (2) Conditions: LT and terminal support Dynamic Data Authentication CDOL1 requests TSI and TVR some records participating in Dynamic Data Authentication are located in file with SFI in range 11 to 30 Dynamic signature generated by the LT is good Procedure: Application in LT is selected and transaction is processed with LT (in particular Dynamic Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 4 = 0 ie Offline Dynamic Data Authentication succeeded TSI byte 1, bit 8 = 1 ie Offline Data Authentication was performed
Page 291
2CJ.028.00 Rules for Processing the records identified by the AFL, when the Offline SDA is performed (1)
Test No. 2CJ.028.00 Objective: To ensure that when terminal performs Static Data Authentication and builds the string to be signed, the terminal does not include tag 70 and length for records referenced in AFL as participating in Static Data Authentication and located in files with SFI in range 1 to 10 Reference: 2RJ.028.0 - Book 3 Section 6.3 - Rules for Processing the records identified by the AFL, when the Offline SDA is performed (1) Conditions: LT and terminal support Static Data Authentication CDOL1 requests TSI and TVR some records participating in Static Data Authentication are located in file with SFI in range 1 to 10 Static signature in the LT is good Procedure: Application in LT is selected and transaction is processed with LT (in particular Static Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 7 = 0 ie Offline Static Data Authentication succeeded TSI byte 1, bit 8 = 1 ie Offline Data Authentication was performed
Page 292
2CJ.029.00 Rules for Processing the records identified by the AFL, when the Offline SDA is performed (2)
Test No. 2CJ.029.00 Objective: To ensure that when terminal performs Static Data Authentication and builds the string to be signed, the terminal includes all data of records referenced in AFL as participating in Static Data Authentication and located in files with SFI in range 11 to 30 Reference: 2RJ.029.0 - Book 3 Section 6.3 - Rules for Processing the records identified by the AFL, when the Offline SDA is performed (2) Conditions: LT and terminal support Static Data Authentication CDOL1 requests TSI and TVR some records participating in Static Data Authentication are located in file with SFI in range 11 to 30 Static signature in the LT is good Procedure: Application in LT is selected and transaction is processed with LT (in particular Dynamic Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 7 = 0 ie Offline Static Data Authentication succeeded TSI byte 1, bit 8 = 1 ie Offline Data Authentication was performed
Page 293
Page 294
Page 295
Page 296
2CJ.034.00 Set relevant bit in TSI, upon completion of the Offline Data Authentication
Test No. 2CJ.034.00 Objective: To ensure that the terminal sets the Offline data authentication was performed bit in the TSI to 1b upon completion of the Offline Data Authentication Reference: 2RJ.034.0 - Book 3 Section 6.3 - Set relevant bit in TSI, upon completion of the Offline Data Authentication Conditions: LT and terminal support Static Data Authentication CDOL1 requests TSI and TVR Signed Static Application Data in LT is not good Procedure: Application in LT is selected and transaction is processed with LT (in particular Static Data Authentication). Pass Criteria: The terminal shall process the transaction until completion. TSI byte 1, bit 8 = 1 ie Offline Data Authentication was performed TVR byte 1, bit 7=1 ie Offline static data authentication failed
Page 297
Page 298
Page 299
Page 300
2CJ.039.00 Application Version Number present in the ICC and in the terminal are the same (implied)
Test No. 2CJ.039.00 Objective: To ensure that the terminal does not set the ICC and terminal have different application versions bit in the TVR to 1b if the Application Version Number present in the ICC and in the terminal are the same. Reference: 2RJ.039.1 - Book 3 Section 6.4.1 - Application Version Number present in the ICC and in the terminal are the same (implied) Conditions: LT and terminal have the same Application Version Number CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 8 = 0 ie ICC and terminal have the same application versions
Page 301
Page 302
2CJ.042.00 AUC is present in the ICC and Transaction is conducted at an ATM (implied)
Test No. 2CJ.042.00 Objective: To ensure that if the terminal is an ATM and the AUC is present in the card, and the Valid at ATMs bit is set to 1b in the AUC, the terminal does not set the Requested service not allowed for card product bit in the TVR to 1b Reference: 2RJ.042.1 - Book 3 Section 6.4.2 - AUC is present in the ICC and Transaction is conducted at an ATM (implied) Conditions: AUC is present in LT Terminal Type is ATM Valid at ATMs bit is set to 1b in the AUC CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 5 = 0 ie Requested service allowed for card product
Page 303
2CJ.043.00 AUC is present in the ICC and Transaction is not conducted at an ATM
Test No. 2CJ.043.00 Objective: To ensure that if the terminal is not an ATM and the AUC is present in the card, and the Valid at terminals other than ATMs bit is not set to 1b in the AUC, the terminal sets the Requested service not allowed for card product bit in the TVR to 1b. Reference: 2RJ.043.0 - Book 3 Section 6.4.2 - AUC is present in the ICC and Transaction is not conducted at an ATM Conditions: AUC is present in LT Terminal Type is not an ATM Valid at terminals other than ATMs bit is not set to 1b in the AUC CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 5 = 1 ie Requested service not allowed for card product
Page 304
2CJ.044.00 AUC is present in the ICC and Transaction is not conducted at an ATM (implied)
Test No. 2CJ.044.00 Objective: To ensure that if the terminal is not an ATM and the AUC is present in the card, and the Valid at terminals other than ATMs bit is set to 1b in the AUC, the terminal does not set the Requested service not allowed for card product bit in the TVR to 1b. Reference: 2RJ.043.1 - Book 3 Section 6.4.2 - AUC is present in the ICC and Transaction is not conducted at an ATM (implied) Conditions: AUC is present in LT Terminal Type is not an ATM Valid at terminals other than ATMs bit is set to 1b in the AUC CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 5 = 0 ie Requested service allowed for card product
Page 305
2CJ.045.00 Transaction type is a Cash transaction, and Issuer Country Code = Terminal Country Code
Test No. 2CJ.045.00 Objective: To ensure that if the Terminal Country Code matches Issuer Country Code and Transaction Type indicates a cash transaction and the AUC is present in the card, and the Valid for domestic cash transactions bit is not set to 1b in the AUC, the terminal sets the Requested service not allowed for card product bit in the TVR to 1b. Reference: 2RJ.045.0 - Book 3 Section 6.4.2 - Transaction type is a Cash transaction, and Issuer Country Code = Terminal Country Code Conditions: Transaction is a cash transaction AUC is present in LT Issuer Country Code matches Terminal Country Code Valid for domestic cash transactions bit is not set to 1b in the AUC CDOL1 requests TVR and Transaction Type Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 5 = 1 ie Requested service not allowed for card product Transaction Type shall indicate a cash transaction
Page 306
2CJ.046.00 Transaction type is a Cash transaction, and Issuer Country Code = Terminal Country Code (implied)
Test No. 2CJ.046.00 Objective: To ensure that if the Terminal Country Code matches Issuer Country Code and Transaction Type indicates a cash transaction and the AUC is present in the card, and the Valid for domestic cash transactions bit is set to 1b in the AUC, the terminal does not set the Requested service not allowed for card product bit in the TVR to 1b. Reference: 2RJ.045.1 - Book 3 Section 6.4.2 - Transaction type is a Cash transaction, and Issuer Country Code = Terminal Country Code (implied) Conditions: Transaction is a cash transaction AUC is present in LT Issuer Country Code matches Terminal Country Code Valid for domestic cash transactions bit is set to 1b in the AUC CDOL1 requests TVR and Transaction Type Testers will select a payment scheme EMV AID or a generic AID (eg. Non EMV AID) , in the event of payment scheme interference of the EMV functionality Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 5 = 0 ie Requested service allowed for card product Transaction Type shall indicate a cash transaction
Page 307
2CJ.047.00 Transaction type is a Cash transaction, and Issuer Country Code differs from Terminal Country Code
Test No. 2CJ.047.00 Objective: To ensure that if the Terminal Country Code does not match Issuer Country Code and Transaction Type indicates a cash transaction and the AUC is present in the card, and the Valid for international cash transactions bit is not set to 1b in the AUC, the terminal sets the Requested service not allowed for card product bit in the TVR to 1b. Reference: 2RJ.046.0 - Book 3 Section 6.4.2 - Transaction type is a Cash transaction, and Issuer Country Code differs from Terminal Country Code Conditions: Transaction is a cash transaction AUC is present in LT Issuer Country Code does not match Terminal Country Code Valid for international cash transactions bit is not set to 1b in the AUC CDOL1 requests TVR and Transaction Type Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 5 = 1 ie Requested service not allowed for card product Transaction Type shall indicate a cash transaction
Page 308
2CJ.048.00 Transaction type is a Cash transaction, and Issuer Country Code differs from Terminal Country Code (implied)
Test No. 2CJ.048.00 Objective: To ensure that if the Terminal Country Code does not match Issuer Country Code and Transaction Type indicates a cash transaction and the AUC is present in the card, and the Valid for international cash transactions bit is set to 1b in the AUC, the terminal does not set the Requested service not allowed for card product bit in the TVR to 1b. Reference: 2RJ.046.1 - Book 3 Section 6.4.2 - Transaction type is a Cash transaction, and Issuer Country Code differs from Terminal Country Code (implied) Conditions: Transaction is a cash transaction AUC is present in LT Issuer Country Code does not match Terminal Country Code Valid for international cash transactions bit is set to 1b in the AUC CDOL1 requests TVR and Transaction Type Testers will select a payment scheme EMV AID or a generic AID (eg. Non EMV AID) , in the event of payment scheme interference of the EMV functionality
Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 5 = 0 ie Requested service allowed for card product Transaction Type shall indicate a cash transaction
Page 309
2CJ.049.00 Transaction type is a Purchase of goods, and Issuer Country Code = Terminal Country Code
Test No. 2CJ.049.00 Objective: To ensure that if the Terminal Country Code matches Issuer Country Code and Transaction Type indicates a purchase of goods and the AUC is present in the card, and the Valid for domestic goods bit is not set to 1b in the AUC, the terminal sets the Requested service not allowed for card product bit in the TVR to 1b. Reference: 2RJ.047.0 - Book 3 Section 6.4.2 - Transaction type is a Purchase of goods, and Issuer Country Code = Terminal Country Code Conditions: Transaction is a purchase of goods AUC is present in LT Issuer Country Code matches Terminal Country Code Valid for domestic goods bit is not set to 1b in the AUC CDOL1 requests TVR and Transaction Type Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 5 = 1 ie Requested service not allowed for card product Transaction Type shall indicate a purchase of goods
Page 310
2CJ.050.00 Transaction type is a Purchase of goods, and Issuer Country Code = Terminal Country Code (implied)
Test No. 2CJ.050.00 Objective: To ensure that if the Terminal Country Code matches Issuer Country Code and Transaction Type indicates a purchase of goods and the AUC is present in the card, and the Valid for domestic goods bit is set to 1b in the AUC, the terminal does not set the Requested service not allowed for card product bit in the TVR to 1b. Reference: 2RJ.047.1 - Book 3 Section 6.4.2 - Transaction type is a Purchase of goods, and Issuer Country Code = Terminal Country Code (implied) Conditions: Transaction is a purchase of goods AUC is present in LT Issuer Country Code matches Terminal Country Code Valid for domestic goods bit is set to 1b in the AUC CDOL1 requests TVR and Transaction Type Testers will select a payment scheme EMV AID or a generic AID (eg. Non EMV AID) , in the event of payment scheme interference of the EMV functionality Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 5 = 0 ie Requested service allowed for card product Transaction Type shall indicate a purchase of goods
Page 311
2CJ.051.00 Transaction type is a Purchase of goods, and Issuer Country Code differs from Terminal Country Code
Test No. 2CJ.051.00 Objective: To ensure that if the Terminal Country Code does not match Issuer Country Code and Transaction Type indicates a purchase of goods and the AUC is present in the card, and the Valid for international goods bit is not set to 1b in the AUC, the terminal sets the Requested service not allowed for card product bit in the TVR to 1b. Reference: 2RJ.048.0 - Book 3 Section 6.4.2 - Transaction type is a Purchase of goods, and Issuer Country Code differs from Terminal Country Code Conditions: Transaction is a purchase of goods AUC is present in LT Issuer Country Code does not match Terminal Country Code Valid for international goods bit is not set to 1b in the AUC CDOL1 requests TVR and Transaction Type Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 5 = 1 ie Requested service not allowed for card product Transaction Type shall indicate a purchase of goods
Page 312
2CJ.052.00 Transaction type is a Purchase of goods, and Issuer Country Code differs from Terminal Country Code (implied)
Test No. 2CJ.052.00 Objective: To ensure that if the Terminal Country Code does not match Issuer Country Code and Transaction Type indicates a purchase of goods and the AUC is present in the card, and the Valid for international goods bit is set to 1b in the AUC, the terminal does not set the Requested service not allowed for card product bit in the TVR to 1b. Reference: 2RJ.048.1 - Book 3 Section 6.4.2 - Transaction type is a Purchase of goods, and Issuer Country Code differs from Terminal Country Code (implied) Conditions: Transaction is a purchase of goods AUC is present in LT Issuer Country Code does not match Terminal Country Code Valid for international goods bit is set to 1b in the AUC CDOL1 requests TVR and Transaction Type Testers will select a payment scheme EMV AID or a generic AID (eg. Non EMV AID) , in the event of payment scheme interference of the EMV functionality Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 5 = 0 ie Requested service allowed for card product Transaction Type shall indicate a purchase of goods
Page 313
2CJ.053.00 Transaction type is a Purchase of services, and Issuer Country Code = Terminal Country Code
Test No. 2CJ.053.00 Objective: To ensure that if the Terminal Country Code matches Issuer Country Code and Transaction Type indicates a purchase of services and the AUC is present in the card, and the Valid for domestic services bit is not set to 1b in the AUC, the terminal sets the Requested service not allowed for card product bit in the TVR to 1b. Reference: 2RJ.049.0 - Book 3 Section 6.4.2 - Transaction type is a Purchase of services, and Issuer Country Code = Terminal Country Code Conditions: Transaction is a purchase of services AUC is present in LT Issuer Country Code matches Terminal Country Code Valid for domestic services bit is not set to 1b in the AUC CDOL1 requests TVR and Transaction Type Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 5 = 1 ie Requested service not allowed for card product Transaction Type shall indicate a purchase of services
Page 314
2CJ.054.00 Transaction type is a Purchase of services, and Issuer Country Code = Terminal Country Code (implied)
Test No. 2CJ.054.00 Objective: To ensure that if the Terminal Country Code matches Issuer Country Code and Transaction Type indicates a purchase of services and the AUC is present in the card, and the Valid for domestic services bit is set to 1b in the AUC, the terminal does not set the Requested service not allowed for card product bit in the TVR to 1b. Reference: 2RJ.049.1 - Book 3 Section 6.4.2 - Transaction type is a Purchase of services, and Issuer Country Code = Terminal Country Code (implied) Conditions: Transaction is a purchase of services AUC is present in LT Issuer Country Code matches Terminal Country Code Valid for domestic services bit is set to 1b in the AUC CDOL1 requests TVR and Transaction Type Testers will select a payment scheme EMV AID or a generic AID (eg. Non EMV AID) , in the event of payment scheme interference of the EMV functionality Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 5 = 0 ie Requested service allowed for card product Transaction Type shall indicate a purchase of services
Page 315
2CJ.055.00 Transaction type is a Purchase of services, and Issuer Country Code differs from Terminal Country Code
Test No. 2CJ.055.00 Objective: To ensure that if the Terminal Country Code does not match Issuer Country Code and Transaction Type indicates a purchase of services and the AUC is present in the card, and the Valid for international services bit is not set to 1b in the AUC, the terminal sets the Requested service not allowed for card product bit in the TVR to 1b. Reference: 2RJ.050.0 - Book 3 Section 6.4.2 - Transaction type is a Purchase of services, and Issuer Country Code differs from Terminal Country Code Conditions: Transaction is a purchase of services AUC is present in LT Issuer Country Code does not match Terminal Country Code Valid for international services bit is not set to 1b in the AUC CDOL1 requests TVR and Transaction Type Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 5 = 1 ie Requested service not allowed for card product Transaction Type shall indicate a purchase of services
Page 316
2CJ.056.00 Transaction type is a Purchase of services, and Issuer Country Code differs from Terminal Country Code (implied)
Test No. 2CJ.056.00 Objective: To ensure that if the Terminal Country Code does not match Issuer Country Code and Transaction Type indicates a purchase of services and the AUC is present in the card, and the Valid for international services bit is set to 1b in the AUC, the terminal does not set the Requested service not allowed for card product bit in the TVR to 1b. Reference: 2RJ.050.1 - Book 3 Section 6.4.2 - Transaction type is a Purchase of services, and Issuer Country Code differs from Terminal Country Code (implied) Conditions: Transaction is a purchase of services AUC is present in LT Issuer Country Code does not match Terminal Country Code Valid for international services bit is set to 1b in the AUC CDOL1 requests TVR and Transaction Type Testers will select a payment scheme EMV AID or a generic AID (eg. Non EMV AID) , in the event of payment scheme interference of the EMV functionality Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 5 = 0 ie Requested service allowed for card product Transaction Type shall indicate a purchase of services
Page 317
2CJ.057.00 Transaction has a Cashback amount, and Issuer Country Code = Terminal Country Code
Test No. 2CJ.057.00 Objective: To ensure that if the Terminal Country Code matches Issuer Country Code and Transaction has a Cashback amount and the AUC is present in the card, and the Domestic Cashback allowed bit is not set to 1b in the AUC, the terminal sets the Requested service not allowed for card product bit in the TVR to 1b. Reference: 2RJ.051.0 - Book 3 Section 6.4.2 - Transaction has a Cashback amount, and Issuer Country Code = Terminal Country Code Conditions: Transaction has a cashback amount AUC is present in LT Issuer Country Code matches Terminal Country Code Domestic cashback allowed bit is not set to 1b in the AUC CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 5 = 1 ie Requested service not allowed for card product
Page 318
2CJ.058.00 Transaction has a Cashback amount, and Issuer Country Code = Terminal Country Code (implied)
Test No. 2CJ.058.00 Objective: To ensure that if the Terminal Country Code matches Issuer Country Code and Transaction has a Cashback amount and the AUC is present in the card, and the Domestic cashback allowed bit is set to 1b in the AUC, the terminal does not set the Requested service not allowed for card product bit in the TVR to 1b. Reference: 2RJ.051.1 - Book 3 Section 6.4.2 - Transaction has a Cashback amount, and Issuer Country Code = Terminal Country Code (implied) Conditions: Transaction has a cashback amount AUC is present in LT Issuer Country Code matches Terminal Country Code Domestic cashback allowed bit is set to 1b in the AUC Testers will select a payment scheme EMV AID or a generic AID (eg. Non EMV AID) , in the event of payment scheme interference of the EMV functionality CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 5 = 0 ie Requested service allowed for card product
Page 319
2CJ.059.00 Transaction type is a Cashback amount, and Issuer Country Code differs from Terminal Country Code
Test No. 2CJ.059.00 Objective: To ensure that if the Terminal Country Code does not match Issuer Country Code and Transaction has a Cashback amount and the AUC is present in the card, and the International cashback allowed bit is not set to 1b in the AUC, the terminal sets the Requested service not allowed for card product bit in the TVR to 1b. Reference: 2RJ.052.0 - Book 3 Section 6.4.2 - Transaction type is a Cashback amount, and Issuer Country Code differs from Terminal Country Code Conditions: Transaction has a cashback amount AUC is present in LT Issuer Country Code does not match Terminal Country Code International cashback allowed bit is not set to 1b in the AUC CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 5 = 1 ie Requested service not allowed for card product
Page 320
2CJ.060.00 Transaction type is a Cashback amount, and Issuer Country Code differs from Terminal Country Code (implied)
Test No. 2CJ.060.00 Objective: To ensure that if the Terminal Country Code does not match Issuer Country Code and Transaction has a Cashback amount and the AUC is present in the card, and the International cashback allowed bit is set to 1b in the AUC, the terminal does not set the Requested service not allowed for card product bit in the TVR to 1b. Reference: 2RJ.052.1 - Book 3 Section 6.4.2 - Transaction type is a Cashback amount, and Issuer Country Code differs from Terminal Country Code (implied) Conditions: Transaction has a cashback amount AUC is present in LT Issuer Country Code does not match Terminal Country Code International cashback allowed bit is set to 1b in the AUC Testers will select a payment scheme EMV AID or a generic AID (eg. Non EMV AID) , in the event of payment scheme interference of the EMV functionality CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 5 = 0 ie Requested service allowed for card product
Page 321
Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 5 = 0 ie Requested service allowed for card product
Page 322
2CJ.062.00 Application Usage Control is present in the ICC but not Issuer Country code (implied)
Test No. 2CJ.062.00 Objective: To ensure that if the Application Usage control is present in the ICC but not Issuer Country Code, the Terminal skips the second set of tests described in Book 3 Section 6.4.3. Reference: 2RJ.053.1 - Book 3 Section 6.4.2 - Application Usage Control is present in the ICC but not Issuer Country code (implied) Conditions: AUC is present in LT valid at ATMs and valid at terminals other than ATMs are set in AUC Issuer Country Code is not present in the LT Testers will select a payment scheme EMV AID or a generic AID (eg. Non EMV AID) , in the event of payment scheme interference of the EMV functionality CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 5 = 0 ie Requested service allowed for card product
Page 323
Page 324
Page 325
Page 326
Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 7 = 1 ie expired Application
Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 7 = 0 ie non expired Application
Page 327
Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 7 = 0 ie non expired Application
Page 328
Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. TVR byte 2, bit 6 = 0 ie Application effective
Page 329
Page 330
Page 331
Page 332
2CJ.073.00 Supported CVR condition: If Terminal supports the CVM and CVM is offline PIN
Test No. 2CJ.073.00 Objective: To ensure that terminal supports CVM condition If Terminal supports the CVM when CVM is offline PIN Reference: 2RJ.059.4 - Book 3 Section 6.5 - Supported CVR condition: If Terminal supports the CVM and CVM is offline PIN Conditions: LT supports Cardholder verification Terminal supports Offline PIN CVM in LT is 'Plaintext PIN verification performed by ICC, if Terminal supports the CVM' PIN presented is not good or PIN try Counter is 0 CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed
Page 333
2CJ.074.00 Supported CVR condition: If Terminal supports the CVM and CVM is online PIN
Test No. 2CJ.074.00 Objective: To ensure that terminal supports CVM condition If Terminal supports the CVM when CVM is online PIN Reference: 2RJ.059.5 - Book 3 Section 6.5 - Supported CVR condition: If Terminal supports the CVM and CVM is online PIN Conditions: Application in LT is selected and transaction is processed with LT LT supports Cardholder verification Terminal supports Online PIN CVM in LT is 'Online PIN verification performed by ICC, if Terminal supports the CVM' PIN entered CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 0 ie Cardholder verification successful. Encrypted PIN Data is sent in the Authorization Request.
Page 334
2CJ.075.00 Supported CVR condition: If Terminal supports the CVM and CVM is signature
Test No. 2CJ.075.00 Objective: To ensure that terminal supports CVM condition If Terminal supports the CVM when CVM is signature Reference: 2RJ.059.6 - Book 3 Section 6.5 - Supported CVR condition: If Terminal supports the CVM and CVM is signature Conditions: LT supports Cardholder verification Terminal supports signature CVM in LT is 'signature, if Terminal supports the CVM' CDOL1 requests CVM Results Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion CVM Results shall be set to 1E 03 00
Page 335
2CJ.077.00 Supported CVR condition: If Transaction is in the application currency and is under X value when the transaction amount is less than X
Test No. 2CJ.077.00 Objective: To ensure that terminal supports CVM condition If Transaction is in the application currency and is under X value when the transaction amount is less than X Reference: 2RJ.059.8 - Book 3 Section 6.5 - Supported CVR condition: "If Transaction is in the application currency and is under X" (1) (Transaction Amount is Less than X) Conditions: LT supports Cardholder verification CVM in LT is 'Fail CVM, if Transaction is under X' Transaction amount is less than X value Transaction Currency Code equals to Application Currency Code CDOL1 request TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed
Page 336
2CJ.077.01 Supported CVR condition: If Transaction is in the application currency and is under X value when the transaction amount is greater than X
Test No. 2CJ.077.01 Objective: To ensure that terminal supports CVM condition If Transaction is in the application currency and is under X value when the transaction amount is Greater than X Reference: 2RJ.059.81 - Book 3 Section 6.5 - Supported CVR condition: "If Transaction is in the application currency and is under X" (2) (Transaction Amount is Greater than X) Conditions: LT supports Cardholder verification CVM in LT is 'Fail CVM, if Transaction is under X' followed by Fail CVM, always' Transaction amount is greater than X value Transaction Currency Code equals to Application Currency Code CDOL1 request TVR and CVM Results Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed CVM Results show 'Fail CVM, always, process is failed' as the last CVM processed ('00 00 01')
Page 337
2CJ.077.02 Supported CVR condition: If Transaction is in the application currency and is under X value when the transaction amount is equal to X
Test No. 2CJ.077.02 Objective: To ensure that terminal supports CVM condition If Transaction is in the application currency and is under X value when the transaction amount is Equal to X Reference: 2RJ.059.82 - Book 3 Section 6.5 - Supported CVR condition: "If Transaction is in the application currency and is under X" (3) (Transaction Amount is Equal to X) Conditions: LT supports Cardholder verification CVM in LT is 'Fail CVM, if Transaction is under X' followed by 'Fail CVM, always' Transaction amount is equal to X value Transaction Currency Code equals to Application Currency Code CDOL1 request TVR and CVM results Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed CVM Results show 'Fail CVM, always, process is failed' as the last CVM processed ('00 00 01')
Page 338
2CJ.078.00 Supported CVR condition: If Transaction is in the application currency and is over X value when transaction amount is greater than X.
Test No. 2CJ.078.00 Objective: To ensure that terminal supports CVM condition If Transaction is in the application currency and is over X value when transaction amount is greater than X. Reference: 2RJ.059.9 - Book 3 Section 6.5 - Supported CVR condition: "If Transaction is in the application currency and is over X" (1) (Transaction amount is greater than X). Conditions: LT supports Cardholder verification CVM in LT is 'Fail CVM, if Transaction is over X' Transaction amount is greater than X value Transaction Currency Code equals to Application Currency Code CDOL1 request TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed
Page 339
2CJ.078.01 Supported CVR condition: If Transaction is in the application currency and is over X value when transaction amount is less than X.
Test No. 2CJ.078.01 Objective: To ensure that terminal supports CVM condition If Transaction is in the application currency and is over X value when transaction amount is less than X. Reference: 2RJ.059.91 - Book 3 Section 6.5 - Supported CVR condition: "If Transaction is in the application currency and is over X" (2) (Transaction Amount is Less than X) Conditions: LT supports Cardholder verification CVM in LT is 'Fail CVM, if Transaction is over X' followed by 'Fail CVM, always' Transaction amount is less than X value Transaction Currency Code equals to Application Currency Code CDOL1 request TVR and CVM Results Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed CVM Results show 'Fail CVM, always, process is failed' as the last CVM processed ('00 00 01')
Page 340
2CJ.078.02 Supported CVR condition: If Transaction is in the application currency and is over X value when transaction amount is equal to X.
Test No. 2CJ.078.02 Objective: To ensure that terminal supports CVM condition If Transaction is in the application currency and is over X value when transaction amount is Equal to X. Reference: 2RJ.059.92 - Book 3 Section 6.5 - Supported CVR condition: "If Transaction is in the application currency and is over X" (3) (Transaction Amount is Equal to X) Conditions: LT supports Cardholder verification CVM in LT is 'Fail CVM, if Transaction is over X' followed by 'Fail CVM, always' Transaction amount is equal to X value Transaction Currency Code equals to Application Currency Code CDOL1 request TVR and CVM Results Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed CVM Results show 'Fail CVM, always, process is failed' as the last CVM processed ('00 00 01')
Page 341
2CJ.079.00 Supported CVR condition: If Transaction is in the application currency and is under Y value when the transaction amount is less than Y.
Test No. 2CJ.079.00 Objective: To ensure that terminal supports CVM condition If Transaction is in the application currency and is under Y value when the transaction amount is less than Y. Reference: 2RJ.059.10 - Book 3 Section 6.5 - Supported CVR condition: "If Transaction is in the application currency and is under Y" (1) (Transaction amount is less than Y). Conditions: LT supports Cardholder verification CVM in LT is 'Fail CVM, if Transaction is under Y' Transaction amount is less than Y value Transaction Currency Code equals to Application Currency Code CDOL1 request TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed
Page 342
2CJ.079.01 Supported CVR condition: If Transaction is in the application currency and is under Y value when the transaction amount is greater than Y
Test No. 2CJ.079.01 Objective: To ensure that terminal supports CVM condition If Transaction is in the application currency and is under Y value when the transaction amount is Greater than Y. Reference: 2RJ.059.12 - Book 3 Section 6.5 - Supported CVR condition: "If Transaction is in the application currency and is under Y" (2) (Transaction amount is greater than Y) Conditions: LT supports Cardholder verification CVM in LT is 'Fail CVM if Transaction is under Y' followed by 'Fail CVM, always' Transaction amount is greater than Y value Transaction Currency Code equals to Application Currency Code CDOL1 request TVR and CVM Results Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed CVM Results show 'Fail CVM, always, process is failed' as the last CVM processed ('00 00 01')
Page 343
2CJ.079.02 Supported CVR condition: If Transaction is in the application currency and is under Y value when the transaction amount is equal to Y.
Test No. 2CJ.079.02 Objective: To ensure that terminal supports CVM condition If Transaction is in the application currency and is under Y value when the transaction amount is Equal to Y. Reference: 2RJ.059.13 - Book 3 Section 6.5 - Supported CVR condition: "If Transaction is in the application currency and is under Y" (3) (Transaction amount is equal to Y) Conditions: LT supports Cardholder verification CVM in LT is 'Fail CVM, if Transaction is under Y' followed by 'Fail CVM, always' Transaction amount is equal to Y value Transaction Currency Code equals to Application Currency Code CDOL1 request TVR and CVM Results Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed CVM Results show 'Fail CVM, always, process is failed' as the last CVM processed ('00 00 01')
Page 344
2CJ.080.00 Supported CVR condition: If Transaction is in the application currency and is over Y value when the transaction amount is greater than Y.
Test No. 2CJ.080.00 Objective: To ensure that terminal supports CVM condition If Transaction is in the application currency and is over Y value when the transaction amount is greater than Y. Reference: 2RJ.059.11 - Book 3 Section 6.5 - Supported CVR condition: "If Transaction is in the application currency and is over Y" (1) (Transaction amount is Greater than Y). Conditions: LT supports Cardholder verification CVM in LT is 'Fail CVM, if Transaction is over Y' Transaction amount is greater than Y value Transaction Currency Code equals to Application Currency Code CDOL1 request TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed
Page 345
2CJ.080.01 Supported CVR condition: If Transaction is in the application currency and is over Y value when the transaction amount is equal to Y.
Test No. 2CJ.080.01 Objective: To ensure that terminal supports CVM condition If Transaction is in the application currency and is over Y value when the transaction amount is equal to Y. Reference: 2RJ.059.14 - Book 3 Section 6.5 - Supported CVR condition: "If Transaction is in the application currency and is over Y" (2) (Transaction amount is Equal to Y) Conditions: LT supports Cardholder verification CVM in LT is 'Fail CVM, if Transaction is over Y' followed by 'Fail CVM always' Transaction amount is equal to Y value Transaction Currency Code equals to Application Currency Code CDOL1 request TVR and CVM Results Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed CVM Results show 'Fail CVM, always, process is failed' as the last CVM processed ('00 00 01')
Page 346
2CJ.080.02 Supported CVR condition: If Transaction is in the application currency and is over Y value when the transaction amount is less than Y.
Test No. 2CJ.080.02 Objective: To ensure that terminal supports CVM condition If Transaction is in the application currency and is over Y value when the transaction amount is less than Y. Reference: 2RJ.059.15 - Book 3 Section 6.5 - Supported CVR condition: "If Transaction is in the application currency and is over Y" (3) (Transaction amount is Less than Y) Conditions: LT supports Cardholder verification CVM in LT is 'Fail CVM, if Transaction is over Y' followed by 'Fail CVM always' Transaction amount is less than Y value Transaction Currency Code equals to Application Currency Code CDOL1 request TVR and CVM Results Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed CVM Results show 'Fail CVM, always, process is failed' as the last CVM processed ('00 00 01')
Page 347
2CJ.081.01 Random Transaction Selection: Transaction Amount Less than the Threshold Value for Biased Random Selection
Test No. 2CJ.081.01 Objective: To ensure that terminal performs Random Transaction Selection checking when the transaction amount is less than the Threshold Value for Biased Random Selection Reference: 2RJ.093.1 - Book 3 Section 6.6.2 - Transaction Amount < Threshold Value and Random Number Target Percentage Conditions: Terminal supports Random Transaction Selection LT supports Terminal Risk Management Transaction Amount is less than the Threshold Value for Biased Random Selection Random Number is less than or equal to Target Percentage to be Used for Random Selection (Test must be repeated until this condition is met) CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 4, bit 5 = 1 ie Transaction selected randomly for online processing
Page 348
2CJ.081.02 Random Transaction Selection: Transaction Amount Less than the Threshold Value for Biased Random Selection
Test No. 2CJ.081.02 Objective: To ensure that terminal performs Random Transaction Selection checking when the transaction amount is less than the Threshold Value for Biased Random Selection Reference: 2RJ.093. 2 - Book 3 Section 6.6.2 - Transaction Amount < Threshold Value and Random Number > Target Percentage Conditions: Terminal supports Random Transaction Selection LT supports Terminal Risk Management Transaction Amount is less than the Threshold Value for Biased Random Selection Random Number is greater than the Target Percentage to be Used for Random Selection (Test must be repeated until this condition is met) CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 4, bit 5 = 0 ie Transaction has not been selected randomly for online processing
Page 349
2CJ.081.03 Random Transaction Selection: Transaction Amount Equal to or Greater than the Threshold Value for Biased Random Selection but Less than the Floor Limit
Test No. 2CJ.081.03 Objective: To ensure that terminal performs Random Transaction Selection checking when the transaction amount is equal to or greater than the Threshold Value for Biased Random Selection but less than the Floor Limit Reference: 2RJ.093. 3 - Book 3 Section 6.6.2 - Threshold Value Transaction Amount < Floor Limit and Random Number Target Percent Conditions: Terminal supports Random Transaction Selection LT supports Terminal Risk Management Transaction Amount is equal to or greater than the Threshold Value for Biased Random Selection but less than the Floor Limit Random Number is less than or equal to Transaction Target Percentage (Test must be repeated until this condition is met) CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 4, bit 5 = 1 ie Transaction selected randomly for online processing
Page 350
2CJ.081.04 Random Transaction Selection: Transaction Amount Equal to or Greater than the Threshold Value for Biased Random Selection but Less than the Floor Limit
Test No. 2CJ.081.04 Objective: To ensure that terminal performs Random Transaction Selection checking when the transaction amount is equal to or greater than the Threshold Value for Biased Random Selection but less than the Floor Limit Reference: 2RJ.093.4 - Book 3 Section 6.6.2 - Threshold Value Transaction Amount < Floor Limit and Random Number > Target Percent Conditions: Terminal supports Random Transaction Selection LT supports Terminal Risk Management Transaction Amount is equal to or greater than the Threshold Value for Biased Random Selection but less than the Floor Limit Random Number is greater than the Transaction Target Percentage (Test must be repeated until this condition is met) CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 4, bit 5 = 0 ie Transaction has not been selected randomly for online processing
Page 351
Page 352
Page 353
2CJ.083.01 Non Supported CVR condition: If Terminal supports the CVM and CVM is offline Plaintext PIN
Test No. 2CJ.083.01 Objective: To ensure that terminal processes the next CVM in the list when the CVM condition If Terminal supports the CVM when CVM is offline PIN and the terminal does not support offline Plaintext PIN Reference: 2RJ.061.3 - Book 3 Section 6.5 - Second byte of a Cardholder Verification Rule is not satisfied Conditions: LT supports Cardholder verification Terminal does not support Offline Plaintext PIN CVM in LT is 'Plaintext PIN verification performed by ICC if Terminal supports the CVM' ('01 03') followed by 'Fail CVM, always' ('00 00') CDOL1 requests TVR and CVM Results Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed CVM Results show 'Fail CVM, always, process is failed' as the last CVM processed (00 00 01')
Page 354
2CJ.083.02 Non Supported CVR condition: If Terminal supports the CVM and CVM is offline Enciphered PIN
Test No. 2CJ.083.02 Objective: To ensure that terminal processes the next CVM in the list when the CVM condition If Terminal supports the CVM when CVM is offline PIN and the terminal does not support offline Enciphered PIN Reference: 2RJ.061.4 - Book 3 Section 6.5 - Second byte of a Cardholder Verification Rule is not satisfied Conditions: LT supports Cardholder verification Terminal does not support Offline Enciphered PIN CVM in LT is 'Offline Enciphered PIN verification performed by ICC if Terminal supports the CVM' ('04 03') followed by 'Fail CVM, always' ('00 00') CDOL1 requests TVR and CVM Results Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed CVM Results show 'Fail CVM, always, process is failed' as the last CVM processed ('00 00 01')
Page 355
2CJ.083.03 Non Supported CVR condition: If Terminal supports the CVM and CVM is online Enciphered PIN
Test No. 2CJ.083.03 Objective: To ensure that terminal processes the next CVM in the list when the CVM condition If Terminal supports the CVM when CVM is online PIN and the terminal does not support online Enciphered PIN Reference: 2RJ.061.5 - Book 3 Section 6.5 - Second byte of a Cardholder Verification Rule is not satisfied Conditions: LT supports Cardholder verification Terminal does not support Online Enciphered PIN CVM in LT is 'Online Enciphered PIN verification performed by ICC if Terminal supports the CVM' ('02 03') followed by 'Fail CVM, always' ('00 00') CDOL1 requests TVR and CVM Results Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed CVM Results show 'Fail CVM, always, process is failed' as the last CVM processed ('00 00 01')
Page 356
2CJ.083.04 Non Supported CVR condition: If Terminal supports the CVM and CVM is Signature
Test No. 2CJ.083.04 Objective: To ensure that terminal processes the next CVM in the list when the CVM condition If Terminal supports the CVM when CVM is Signature and the terminal does not support Signature Reference: 2RJ.061.6 - Book 3 Section 6.5 - Second byte of a Cardholder Verification Rule is not satisfied Conditions: LT supports Cardholder verification Terminal does not support Signature CVM in LT is 'Signature if Terminal supports the CVM' ('1E 03') followed by 'Fail CVM, always' ('00 00') CDOL1 requests TVR and CVM Results Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed CVM Results show 'Fail CVM, always, process is failed' as the last CVM processed ('00 00 01')
Page 357
2CJ.083.05 Non Supported CVR condition: If Terminal supports the CVM and CVM is offline Plaintext PIN and Signature
Test No. 2CJ.083.05 Objective: To ensure that terminal processes the next CVM in the list when the CVM condition If Terminal supports the CVM when CVM is offline Plaintext PIN and Signature and the terminal does not support offline Plaintext PIN or Signature Reference: 2RJ.061.7 - Book 3 Section 6.5 - Second byte of a Cardholder Verification Rule is not satisfied Conditions: LT supports Cardholder verification Terminal does not support Offline Plaintext PIN or Signature CVM in LT is 'Offline Plaintext PIN verification performed by ICC and Signature if Terminal supports the CVM' ('03 03') followed by 'Fail CVM, always' ('00 00') CDOL1 requests TVR and CVM Results Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed CVM Results show 'Fail CVM, always, process is failed' as the last CVM processed ('00 00 01')
Page 358
2CJ.083.06 Non Supported CVR condition: If Terminal supports the CVM and CVM is offline Enciphered PIN and Signature
Test No. 2CJ.083.06 Objective: To ensure that terminal processes the next CVM in the list when the CVM condition If Terminal supports the CVM when CVM is offline Enciphered PIN and Signature and the terminal does not support offline Enciphered PIN or Signature Reference: 2RJ.061.8 - Book 3 Section 6.5 - Second byte of a Cardholder Verification Rule is not satisfied Conditions: LT supports Cardholder verification Terminal does not support Offline Enciphered PIN or Signature CVM in LT is 'Offline Enciphered PIN verification performed by ICC and Signature if Terminal supports the CVM' ('05 03') followed by 'Fail CVM, always' ('00 00') CDOL1 requests TVR and CVM Results Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed CVM Results show 'Fail CVM, always, process is failed' as the last CVM processed ('00 00 01')
Page 359
2CJ.083.07 No Supported CVR condition: If Terminal supports the CVM and CVM is No CVM Required
Test No. 2CJ.083.07 Objective: To ensure that terminal processes the next CVM in the list when the CVM condition If Terminal supports the CVM when CVM is 'No CVM Required' and the terminal does not support 'No CVM Required' Reference: 2RJ.061.9 - Book 3 Section 6.5 - Second byte of a Cardholder Verification Rule is not satisfied Conditions: LT supports Cardholder verification Terminal does not support 'No CVM Required' CVM in LT is 'No CVM Required if Terminal supports the CVM' ('1F 03') followed by 'Fail CVM, always' ('00 00') CDOL1 requests TVR and CVM Results Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed CVM Results show 'Fail CVM, always, process is failed' as the last CVM processed ('00 00 01')
Page 360
Page 361
2CJ.085.00 CVM Condition Code is outside the range of codes understood by the terminal
Test No. 2CJ.085.00 Objective: To ensure that if the condition code expressed in the second byte of a Cardholder Verification Rule is outside the range of codes understood by the terminal, the terminal bypasses the rules and proceeded to the next rule. Reference: 2RJ.061.2 - Book 3 Section 6.5 - CVM Condition Code is outside the range of codes understood by the terminal Conditions: LT supports Cardholder verification CVM List is Fail CVM , if RFU' following by 'Fail CVM, always' CDOL1 requests TVR and CVM Results Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed CVM Results show 'Fail CVM, always, process is failed' as the last CVM processed ('00 00 01')
Page 362
Page 363
2CJ.087.00 Second byte of Cardholder Verification Rule satisfied and CVM Code is Fail CVM
Test No. 2CJ.087.00 Objective: To ensure that the terminal performs the CVM if the condition code is satisfied and CVM code is fail CVM Reference: 2RJ.063.0 - Book 3 Section 6.5 - Second byte of Cardholder Verification Rule satisfied and CVM Code is Fail CVM Conditions: LT supports Cardholder verification CVM List is 'Fail CVM' with a satisfied condition ie * always or * cash or cashback (and Transaction is cash) or * transaction is under X (and Amount is under X) or * transaction is over Y (and Amount is over Y) CDOL1 requests TVR and TSI Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed TSI byte 1, bit 7 = '1' ie Cardholder verification performed
Page 364
2CJ.088.00 Second byte of CVR satisfied and CVM Code is Plain text PIN verified by ICC (Plain text PIN verified by ICC supported)
Test No. 2CJ.088.00 Objective: To ensure that if terminal supports Plaintext PIN verified by ICC, the terminal performs the CVM if the condition code is satisfied and CVM code is Plaintext PIN verified by ICC Reference: 2RJ.063.1 - Book 3 Section 6.5 - Second byte of Cardholder Verification Rule satisfied and CVM Code is Plaintext PIN verified by ICC (Plain text PIN verified by ICC supported) Conditions: LT supports Cardholder verification CVM List is 'Plaintext PIN verified by ICC' with a satisfied condition ie * always or * cash or cashback (and Transaction is cash) or * transaction is under X (and Amount is under X) or * transaction is over Y (and Amount is over Y) Terminal supports Plaintext PIN verified by ICC Supported PIN presented is not good CDOL1 requests TVR and TSI Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed Terminal shall ask the cardholder to present his PIN TSI byte 1, bit 7 = '1' ie Cardholder verification performed
Page 365
2CJ.088.01 Second byte of CVR satisfied and CVM Code is Plain text PIN verified by ICC (Plain text PIN verified by ICC not supported)
Test No. 2CJ.088.01 Objective: To ensure that if the terminal does not support Plaintext PIN verified by ICC, the terminal performs the CVM if the condition code is satisfied and CVM code is Plaintext PIN verified by ICC Reference: 2RJ.063.11 - Book 3 Section 6.5 - Second byte of Cardholder Verification Rule satisfied and CVM Code is Plaintext PIN verified by ICC (Plain text PIN verified by ICC not supported) Conditions: LT supports Cardholder verification CVM List is 'Plaintext PIN verified by ICC' with a satisfied condition ie * always or * cash or cashback (and Transaction is cash) or * transaction is under X (and Amount is under X) or * transaction is over Y (and Amount is over Y) Terminal does not support Plaintext PIN verified by ICC CDOL1 requests TVR and TSI Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = '1' i.e. Cardholder verification failed TVR byte 3, bit 5 = 1 i.e. PIN entry required and PIN pad not present TSI byte 1, bit 7 = '1' i.e. Cardholder verification performed
Page 366
2CJ.089.00 Second byte of CVR satisfied and CVM Code is Enciphered PIN Online (Enciphered PIN Online supported)
Test No. 2CJ.089.00 Objective: To ensure that if terminal supports Enciphered PIN Online, the terminal performs the CVM if the condition code is satisfied and CVM code is Enciphered PIN Online Reference: 2RJ.063.2 - Book 3 Section 6.5 - Second byte of Cardholder Verification Rule satisfied and CVM Code is Enciphered PIN Online (Enciphered PIN Online supported) Conditions: LT supports Cardholder verification Terminal supports Online verification CVM List is 'Enciphered PIN online' with a satisfied condition ie * always or * cash or cashback (and Transaction is cash) or * transaction is under X (and Amount is under X) or * transaction is over Y (and Amount is over Y) Terminal supports Enciphered PIN online PIN is entered CDOL1 requests TVR and TSI Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 0 ie Cardholder verification success Terminal shall ask the cardholder to present his PIN Encrypted PIN Data is sent in the Authorization Request. TSI byte 1, bit 7 = '1' ie Cardholder verification performed
Page 367
2CJ.089.01 Second byte of CVR satisfied and CVM Code is Enciphered PIN Online (Enciphered PIN Online not supported)
Test No. 2CJ.089.01 Objective: To ensure that if the terminal does not support Enciphered PIN Online, the terminal performs the CVM if the condition code is satisfied and CVM code is Enciphered PIN Online Reference: 2RJ.063.21 - Book 3 Section 6.5 - Second byte of Cardholder Verification Rule satisfied and CVM Code is Enciphered PIN Online (Enciphered PIN Online not supported) Conditions: LT supports Cardholder verification Terminal supports Online verification CVM List is 'Enciphered PIN online' with a satisfied condition ie * always or * cash or cashback (and Transaction is cash) or * transaction is under X (and Amount is under X) or * transaction is over Y (and Amount is over Y) Terminal does not support Enciphered PIN online CDOL1 requests TVR and TSI Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed TVR byte 3, bit 5 = 1 ie PIN entry required and PIN pad not present TSI byte 1, bit 7 = '1' ie Cardholder verification performed
Page 368
2CJ.090.00 Second byte of CVR satisfied and CVM Code is Plain text PIN verified by ICC and signature (Plain text PIN verified by ICC and signature supported)
Test No. 2CJ.090.00 Objective: To ensure that if terminal supports Plaintext PIN verified by ICC and signature, the terminal performs the CVM if the condition code is satisfied and CVM code is Plaintext PIN verified by ICC and signature Reference: 2RJ.063.3 - Book 3 Section 6.5 - Second byte of Cardholder Verification Rule satisfied and CVM Code is Plaintext PIN verified by ICC and signature (Plain text PIN verified by ICC and signature supported) Conditions: LT supports Cardholder verification CVM List is 'Plaintext PIN verified by ICC and signature' with a satisfied condition ie * always or * cash or cashback (and Transaction is cash) or * transaction is under X (and Amount is under X) or * transaction is over Y (and Amount is over Y) Terminal supports Plaintext PIN verified by ICC Supported PIN presented is not good CDOL1 requests TVR and TSI Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed Terminal shall ask the cardholder to present his PIN TSI byte 1, bit 7 = '1' ie Cardholder verification performed
Page 369
2CJ.090.01 Second byte of CVR satisfied and CVM Code is Plain text PIN verified by ICC and signature (Plain text PIN verified by ICC and signature not supported)
Test No. 2CJ.090.01 Objective: To ensure that if the terminal does not support Plaintext PIN verified by ICC and signature, the terminal performs the CVM if the condition code is satisfied and CVM code is Plaintext PIN verified by ICC and signature Reference: 2RJ.063.31 - Book 3 Section 6.5 - Second byte of Cardholder Verification Rule satisfied and CVM Code is Plaintext PIN verified by ICC and signature (Plain text PIN verified by ICC and signature not supported) Conditions: LT supports Cardholder verification CVM List is 'Plaintext PIN verified by ICC and signature' with a satisfied condition ie * always or * cash or cashback (and Transaction is cash) or * transaction is under X (and Amount is under X) or * transaction is over Y (and Amount is over Y) Terminal does not support Plaintext PIN verified by ICC CDOL1 requests TVR and TSI Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed TSI byte 1, bit 7 = '1' ie Cardholder verification performed
Page 370
2CJ.091.00 Second byte of CVR satisfied and CVM Code is Enciphered PIN verified by ICC (Enciphered PIN verified by ICC supported)
Test No. 2CJ.091.00 Objective: To ensure that if terminal supports Enciphered PIN verified by ICC, the terminal performs the CVM if the condition code is satisfied and CVM code is Enciphered PIN verified by ICC Reference: 2RJ.063.4 - Book 3 Section 6.5 - Second byte of Cardholder Verification Rule satisfied and CVM Code is Enciphered PIN verified by ICC (Enciphered PIN verified by ICC supported) Conditions: LT supports Cardholder verification CVM List is 'Enciphered PIN verified by ICC' with a satisfied condition ie * always or * cash or cashback (and Transaction is cash) or * transaction is under X (and Amount is under X) or * transaction is over Y (and Amount is over Y) Terminal supports Enciphered PIN verified by ICC Supported PIN presented is not good CDOL1 requests TVR and TSI Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed Terminal shall ask the cardholder to present his PIN TSI byte 1, bit 7 = '1' ie Cardholder verification performed
Page 371
2CJ.091.01 Second byte of CVR satisfied and CVM Code is Enciphered PIN verified by ICC (Enciphered PIN verified by ICC not supported)
Test No. 2CJ.091.01 Objective: To ensure that if the terminal does not support Enciphered PIN verified by ICC, the terminal performs the CVM if the condition code is satisfied and CVM code is Enciphered PIN verified by ICC Reference: 2RJ.063.41 - Book 3 Section 6.5 - Second byte of Cardholder Verification Rule satisfied and CVM Code is Enciphered PIN verified by ICC (Enciphered PIN verified by ICC not supported) Conditions: LT supports Cardholder verification CVM List is 'Enciphered PIN verified by ICC' with a satisfied condition ie * always or * cash or cashback (and Transaction is cash) or * transaction is under X (and Amount is under X) or * transaction is over Y (and Amount is over Y) Terminal does not support Enciphered PIN verified by ICC CDOL1 requests TVR and TSI Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed TSI byte 1, bit 7 = '1' ie Cardholder verification performed
Page 372
2CJ.092.00 Second byte of CVR satisfied and CVM Code Enciphered PIN verified by ICC and signature (Enciphered PIN verified by ICC and signature supported)
Test No. 2CJ.092.00 Objective: To ensure that if terminal supports Enciphered PIN verified by ICC and signature, the terminal performs the CVM if the condition code is satisfied and CVM code is Enciphered PIN verified by ICC and signature Reference: 2RJ.063.5 - Book 3 Section 6.5 - Second byte of Cardholder Verification Rule satisfied and CVM Code Enciphered PIN verified by ICC and signature (Enciphered PIN verified by ICC and signature supported) Conditions: LT supports Cardholder verification CVM List is 'Enciphered PIN verified by ICC and signature' with a satisfied condition ie * always or * cash or cashback (and Transaction is cash) or * transaction is under X (and Amount is under X) or * transaction is over Y (and Amount is over Y) Terminal supports Enciphered PIN verified by ICC Supported PIN presented is not good CDOL1 requests TVR and TSI Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed Terminal shall ask the cardholder to present his PIN TSI byte 1, bit 7 = '1' ie Cardholder verification performed
Page 373
2CJ.092.01 Second byte of CVR satisfied and CVM Code Enciphered PIN verified by ICC and signature (Enciphered PIN verified by ICC and signature not supported)
Test No. 2CJ.092.01 Objective: To ensure that if the terminal does not support Enciphered PIN verified by ICC and signature, the terminal performs the CVM if the condition code is satisfied and CVM code is Enciphered PIN verified by ICC and signature Reference: 2RJ.063.51 - Book 3 Section 6.5 - Second byte of Cardholder Verification Rule satisfied and CVM Code Enciphered PIN verified by ICC and signature (Enciphered PIN verified by ICC and signature not supported) Conditions: LT supports Cardholder verification CVM List is 'Enciphered PIN verified by ICC and signature' with a satisfied condition ie * always or * cash or cashback (and Transaction is cash) or * transaction is under X (and Amount is under X) or * transaction is over Y (and Amount is over Y) Terminal does not support Enciphered PIN verified by ICC and signature CDOL1 requests TVR and TSI Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed TVR byte 3, bit 5 = 1 ie PIN entry required and PIN pad not present TSI byte 1, bit 7 = '1' ie Cardholder verification performed
Page 374
2CJ.093.00 Second byte of CVR satisfied and CVM Code is signature (signature supported)
Test No. 2CJ.093.00 Objective: To ensure that if terminal supports signature, the terminal performs the CVM if the condition code is satisfied and CVM code is signature Reference: 2RJ.063.6 - Book 3 Section 6.5 - Second byte of Cardholder Verification Rule satisfied and CVM Code is signature (signature supported) Conditions: LT supports Cardholder verification CVM List is 'signature' with a satisfied condition ie * always or * cash or cashback (and Transaction is cash) or * transaction is under X (and Amount is under X) or * transaction is over Y (and Amount is over Y) Terminal supports signature CDOL1 requests TVR and TSI Transaction is processed so the outcome is an Approval Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The terminal shall print a ticket with signature line TSI byte 1, bit 7 = '1' ie Cardholder verification performed
Page 375
2CJ.093.01 Second byte of CVR satisfied and CVM Code is signature (signature not supported)
Test No. 2CJ.093.01 Objective: To ensure that if the terminal does not support signature, the terminal performs the CVM if the condition code is satisfied and CVM code is signature Reference: 2RJ.063.61 - Book 3 Section 6.5 - Second byte of Cardholder Verification Rule satisfied and CVM Code is signature (signature not supported) Conditions: LT supports Cardholder verification CVM List is 'signature' with a satisfied condition ie * always or * cash or cashback (and Transaction is cash) or * transaction is under X (and Amount is under X) or * transaction is over Y (and Amount is over Y) Terminal does not support signature CDOL1 requests TVR and TSI Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed TSI byte 1, bit 7 = '1' ie Cardholder verification performed
Page 376
2CJ.094.00 Second byte of CVR satisfied and CVM Code is no CVM required (No CVM required is supported)
Test No. 2CJ.094.00 Objective: To ensure that if terminal supports No CVM required, the terminal considers that the CVM is successful if the condition code is satisfied and CVM code is 'No CVM required' Reference: 2RJ.063.7 - Book 3 Section 6.5 - Second byte of Cardholder Verification Rule satisfied and CVM Code is No CVM required (No CVM required is supported) Conditions: LT supports Cardholder verification CVM List is 'No CVM required' with a satisfied condition ie * always or * cash or cashback (and Transaction is cash) or * transaction is under X (and Amount is under X) or * transaction is over Y (and Amount is over Y) Terminal supports 'No CVM required' CDOL1 requests TVR and TSI Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 0 ie Cardholder verification succeeded TSI byte 1, bit 7 = 1 ie Cardholder verification was performed
Page 377
2CJ.094.01 Second byte of CVR satisfied and CVM Code is No CVM required (No CVM required is not supported)
Test No. 2CJ.094.01 Objective: To ensure that if the terminal does not support 'No CVM required', the terminal considers that the CVM is successful if the condition code is satisfied and CVM code is 'No CVM required' Reference: 2RJ.063.71 - Book 3 Section 6.5 - Second byte of Cardholder Verification Rule satisfied and CVM Code is No CVM required (No CVM required is not supported) Conditions: LT supports Cardholder verification CVM List is 'No CVM required' with a satisfied condition i.e. * always or * cash or cashback (and Transaction is cash) or * transaction is under X (and Amount is under X) or * transaction is over Y (and Amount is over Y) Terminal does not support 'No CVM required' CDOL1 requests TVR and TSI Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification failed TSI byte 1, bit 7 = 1 ie Cardholder verification was performed
Page 378
2CJ.095.00 Second byte of CVR satisfied and CVM Code not understood by the terminal
Test No. 2CJ.095.00 Objective: To ensure that the terminal sets the Unrecognized CVM bit in the TVR to 1b, if the condition code is satisfied and CVM code is not understood by the terminal (RFU) Reference: 2RJ.064.0 - Book 3 Section 6.5 - Second byte of Cardholder Verification Rule satisfied and CVM Code not understood by the terminal Conditions: LT supports Cardholder verification CVM List is 'RFU' with a satisfied condition ie * always or * cash or cashback (and Transaction is cash) or * transaction is under X (and Amount is under X) or * transaction is over Y (and Amount is over Y) CDOL1 requests TVR and TSI Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 7 = 1 ie Unrecognized CVM TSI byte 1, bit 7 = '1' ie Cardholder Verification was performed
Page 379
Page 380
2CJ.097.00 CVM processing fails and CVR indicates to proceed with next rule
Test No. 2CJ.097.00 Objective: To ensure that the terminal processes next CVR in the CVM List, if the current one is not successful and the Apply succeeding Cardholder Verification Rule if this CVM is unsuccessful bit is set to 1b Reference: 2RJ.066.0 - Book 3 Section 6.5 - CVM processing fails and Cardholder Verification Rules indicates to proceed with next rule Conditions: LT supports Cardholder verification CDOL1 requests TSI and TVR CVM List such as it contains 2 CVRs and the first one has Apply succeeding Cardholder Verification Rule, if this CVM is unsuccessful bit is set to 1b and is not successful whereas the second one is performed OK ( test can be made for several CVM: plaintext PIN verified by ICC, online PIN, signature...) Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 0 ie Cardholder verification successful TSI byte 1, bit 7 = 1 ie Cardholder verification was performed
Page 381
2CJ.098.00 CVM processing fails and no more CVR in the CVM List
Test No. 2CJ.098.00 Objective: To ensure that the terminal fails the Cardholder verification and sets the Cardholder verification was not successful in the TVR to 1b, if a CVM processing fails , and the Apply succeeding Cardholder Verification Rule if this CVM is unsuccessful bit is set to 1b, and there are no more Cardholder Verification Rules in the CVM List Reference: 2RJ.067.0 - Book 3 Section 6.5 - CVM processing fails and no more Cardholder Verification Rules in the CVM List Conditions: LT supports Cardholder verification CVM List such as it contains only one CVR with condition OK but CVM is not performed OK and this CVM has Apply succeeding Cardholder Verification Rule, if this CVM is unsuccessful bit is set to 1b CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification was not successful
Page 382
2CJ.099.00 CVM processing fails and CVR indicates to not proceed with next rule
Test No. 2CJ.099.00 Objective: To ensure that the terminal fails the Cardholder verification and sets the Cardholder verification was not successful in the TVR to 1b, if a CVM processing fails , and the Apply succeeding Cardholder Verification Rule if this CVM is unsuccessful bit is not set to 1b. Reference: 2RJ.068.0 - Book 3 Section 6.5 - CVM processing fails and Cardholder Verification Rules indicates to not proceed with next rule Conditions: LT supports Cardholder verification CVM List such it contains one or several CVR and first CVR with condition OK but CVM is not performed OK and this CVM has Apply succeeding Cardholder Verification Rule if this CVM is unsuccessful bit is not set to 1b CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification was not successful
Page 383
Page 384
Page 385
2CJ.103.00 Offline PIN is the selected CVM and Terminal does not support offline PIN
Test No. 2CJ.103.00 Objective: To ensure that the terminal sets the PIN entry required and PIN pad not present or not working bit in the TVR to 1b, if an offline PIN is the selected CVM and the terminal does not support either offline plaintext PIN verification or offline enciphered PIN verification. Reference: 2RJ.071.0 - Book 3 Section 6.5.1 - Offline PIN is the selected CVM and Terminal does not support offline PIN Conditions: LT supports Cardholder verification Terminal does not support Offline PIN verification CVM List is 'PIN verified by ICC, always' CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification was not successful TVR byte 3, bit 5 = 1 ie PIN entry required and PIN pad not present
Page 386
2CJ.104.00 Offline PIN is the selected CVM, Terminal supports offline PIN, and the PIN pad is malfunctioning
Test No. 2CJ.104.00 Objective: To ensure that the terminal sets the PIN entry required and PIN pad not present or not working bit in the TVR to 1b, if an offline PIN is the selected CVM and the terminal PIN Pad is malfunctioning. Reference: 2RJ.072.0 - Book 3 Section 6.5.1 - Offline PIN is the selected CVM, Terminal supports offline PIN, and the PIN pad is malfunctioning Conditions: LT supports Cardholder verification Terminal PIN Pad is malfunctioning CVM List is 'PIN verified by ICC, always' PIN pad to be non functional pad CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification was not successful TVR byte 3, bit 5 = 1 ie PIN entry required and PIN pad not present
Page 387
Page 388
2CJ.107.00 Offline PIN is the selected CVM and the number of remaining PIN trials is zero
Test No. 2CJ.107.00 Objective: To ensure that the terminal sets the PIN Try Limit exceeded bit in the TVR to 1b, if an offline PIN is the selected CVM and the number of remaining PIN trials is reduced to zero upon initial use of the VERIFY command (i.e. the status code is 63C0), Reference: 2RJ.075.0 - Book 3 Section 6.5.1 -Offline PIN is the selected CVM and the number of remaining PIN trials is zero Conditions: LT supports Cardholder verification Terminal supports Offline PIN verification CVM List is 'PIN verified by ICC, always' LT returns 63C0 to VERIFY command CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification was not successful TVR byte 3, bit 6 = 1 ie PIN Try Limit exceeded
Page 389
2CJ.108.00 Offline PIN is the selected CVM and the offline PIN processing is successful
Test No. 2CJ.108.00 Objective: To ensure that the terminal consider the CVM as successful, if an offline PIN is the selected CVM and VERIFY command returns 90 00 Reference: 2RJ.076.0 - Book 3 Section 6.5.1 - Offline PIN is the selected CVM and the offline PIN processing is successful Conditions: LT supports Cardholder verification Terminal supports Offline PIN verification CVM List is 'PIN verified by ICC, always' LT returns 90 00 to VERIFY command CDOL1 requests TSI and TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 0 ie Cardholder verification was successful TSI byte 1, bit 7 = 1 ie Cardholder verification was performed
Page 390
2CJ.109.00 Online PIN is the selected CVM and Terminal does not support online PIN
Test No. 2CJ.109.00 Objective: To ensure that the terminal sets the PIN entry required and PIN pad not present or not working bit in the TVR to 1b, if enciphered PIN verified online is the selected CVM and the terminal does not support enciphered PIN verified online. Reference: 2RJ.077.0 - Book 3 Section 6.5.2 - Online PIN is the selected CVM and Terminal does not support online PIN Conditions: LT supports Cardholder verification Terminal does not support enciphered PIN verified online CVM List is 'Enciphered PIN verified online, always' CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification was not successful TVR byte 3, bit 5 = 1 ie PIN entry required and PIN pad not present
Page 391
2CJ.110.00 Online PIN is the selected CVM, Terminal supports online PIN, and the PIN pad is malfunctioning
Test No. 2CJ.110.00 Objective: To ensure that the terminal sets the PIN entry required and PIN pad not present or not working bit in the TVR to 1b, if enciphered PIN verified online is the selected CVM and the terminal PIN Pad is malfunctioning. Reference: 2RJ.078.0 - Book 3 Section 6.5.2 - Online PIN is the selected CVM, Terminal supports online PIN, and the PIN pad is malfunctioning Conditions: LT supports Cardholder verification Terminal PIN Pad is malfunctioning CVM List is 'Enciphered PIN verified online' always' CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie Cardholder verification was not successful TVR byte 3, bit 5 = 1 ie PIN entry required and PIN pad not present
Page 392
2CJ.112.00 Online PIN is the selected CVM and the online PIN processing is successful
Test No. 2CJ.112.00 Objective: To ensure that the terminal consider the CVM as successful, if enciphered PIN verified online is the selected CVM and Issuer answered that PIN presented is good Reference: 2RJ.080.0 - Book 3 Section 6.5.2 - Online PIN is the selected CVM and the online PIN processing is successful Conditions: LT supports Cardholder verification Terminal supports enciphered PIN verified online CVM List is 'Enciphered PIN verified online, always' Issuer returns an acceptance CDOL1 requests TSI and TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 0 ie Cardholder verification was successful TSI byte 1, bit 7 = 1 ie Cardholder verification was performed
Page 393
2CJ.113.00 Signature (paper) is a required CVM and Terminal supports the signature process
Test No. 2CJ.113.00 Objective: To ensure that the terminal consider the CVM as successful, if signature is the selected CVM and terminal supports the signature process Reference: 2RJ.081.0 - Book 3 Section 6.5.3 - Signature (paper) is a required CVM and Terminal supports the signature process Conditions: LT supports Cardholder verification Terminal supports signature CVM List is 'signature, always' CDOL1 requests TSI and TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 0 ie Cardholder verification was successful TSI byte 1, bit 7 = 1 ie Cardholder verification was performed
Page 394
Page 395
Page 396
Page 397
Page 398
2CJ.119.00 Transaction log entry with the same PAN is available and Terminal Floor Limit is exceeded
Test No. 2CJ.119.00 Objective: To ensure that the terminal sets the Transaction exceeds floor limit bit in the TVR to 1b, if a transaction log entries with the same Application PAN, is available and if the sum of the Amount, Authorized to the Amount stored in the most recent log entry for that PAN is greater than or equal to the Terminal Floor Limit Reference: 2RJ.086.0 - Book 3 Section 6.6.1 - Transaction log entry with the same PAN is available and Terminal Floor Limit is exceeded Conditions: LT supports Terminal Risk Management Transaction log is available if supported by the terminal with the same PAN as the LT PAN (another transaction has been made with same PAN before with Amount less than Terminal floor Limit) sum of Transaction Amount, Authorized and Amount stored in the log is equal to or greater than Terminal floor Limit (Amount Authorized can include a cash back amount) CDOL1 requests TVR and TSI and Terminal Floor Limit and Amount Authorized Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 4, bit 8 = 1 ie Transaction exceeds floor limit Amount Authorized returned in First GENERATE AC is the same as the amount entered and sum of Transaction Amount, Authorized and Amount of previous transaction with same PAN is equal to or greater than Terminal floor Limit TSI byte 1, bit 4 = 1 ie Terminal Risk Management was performed
Page 399
2CJ.120.00 Transaction log entry with the same PAN is available and Terminal Floor Limit is not exceeded (implied)
Test No. 2CJ.120.00 Objective: To ensure that the terminal does not set the Transaction exceeds floor limit bit in the TVR to 1b, if a transaction log entries with the same Application PAN, is available and if the sum of the Amount, Authorized to the Amount stored in the most recent log entry for that PAN is less than the Terminal Floor Limit Reference: 2RJ.086.1 - Book 3 Section 6.6.1 - Transaction log entry with the same PAN is available and Terminal Floor Limit is not exceeded (implied) Conditions: LT supports Terminal Risk Management Transaction log is available if supported by the terminal with the same PAN as the LT PAN (another transaction has been made with same PAN before with Amount less than Terminal floor Limit) Sum of Transaction Amount, Authorized and Amount stored in the log is less than Terminal floor Limit (Amount Authorized can include a cash back amount) CDOL1 requests TVR and TSI and Terminal Floor Limit and Amount Authorized Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 4, bit 8 = 0 ie Transaction does not exceed floor limit Amount Authorized returned in First GENERATE AC is the same as the amount entered and sum of Transaction Amount, Authorized and Amount of previous transaction with same PAN is less than Terminal floor Limit TSI byte 1, bit 4 = 1 ie Terminal Risk Management was performed
Page 400
2CJ.123.00 Transaction log is not available and Terminal Floor Limit is exceeded
Test No. 2CJ.123.00 Objective: To ensure that the terminal sets the Transaction exceeds floor limit bit in the TVR to 1b, if no transaction log is available and if the Amount, Authorized is greater than or equal to the Terminal Floor Limit Reference: 2RJ.087.0 - Book 3 Section 6.6.1 - Transaction log is not available and Terminal Floor Limit is exceeded Conditions: LT supports Terminal Risk Management Transaction log is not available Transaction Amount, Authorized is equal to or greater than Terminal floor Limit (Amount Authorized can include a cash back amount) CDOL1 requests TVR and TSI and Terminal Floor Limit and Amount Authorized Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 4, bit 8 = 1 ie Transaction exceeds floor limit Amount Authorized returned in First GENERATE AC is the same as the amount entered and Transaction Amount, Authorized is equal to or greater than Terminal floor Limit TSI byte 1, bit 4 = 1 ie Terminal Risk Management was performed
Page 401
2CJ.124.00 Transaction log is not available and Terminal Floor Limit is not exceeded (implied)
Test No. 2CJ.124.00 Objective: To ensure that the terminal does not set the Transaction exceeds floor limit bit in the TVR to 1b, if no transaction log is available and if the Amount, Authorized is less than the Terminal Floor Limit Reference: 2RJ.087.1 - Book 3 Section 6.6.1 - Transaction log is not available and Terminal Floor Limit is not exceeded (implied) Conditions: LT supports Terminal Risk Management Transaction log is not available Transaction Amount, Authorized is less than Terminal floor Limit (Amount Authorized can include a cash back amount) CDOL1 requests TVR and TSI and Terminal Floor Limit and Amount Authorized Testers will select a payment scheme EMV AID or a generic AID (eg. Non EMV AID) , in the event of payment scheme interference of the EMV functionality Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 4, bit 8 = 0 ie Transaction does not exceed floor limit Amount Authorized returned in First GENERATE AC is the same as the amount entered and Transaction Amount, Authorized is less than Terminal floor Limit TSI byte 1, bit 4 = 1 ie Terminal Risk Management was performed
Page 402
2CJ.127.00 Transaction log entry with the same PAN is not available and Terminal Floor Limit is exceeded
Test No. 2CJ.127.00 Objective: To ensure that the terminal sets the Transaction exceeds floor limit bit in the TVR to 1b, if no transaction log with the same PAN is available and if the Amount, Authorized is greater than or equal to the Terminal Floor Limit Reference: 2RJ.088.0 - Book 3 Section 6.6.1 - Transaction log entry with the same PAN is not available and Terminal Floor Limit is exceeded Conditions: LT supports Terminal Risk Management Transaction log is not available for same PAN (another transaction as been made with another PAN before with Amount less than Terminal floor Limit) Transaction Amount, Authorized is equal to or greater than Terminal floor Limit (Amount Authorized can include a cash back amount) CDOL1 requests TVR and TSI and Terminal Floor Limit and Amount Authorized Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 4, bit 8 = 1 ie Transaction exceeds floor limit Amount Authorized returned in First GENERATE AC is the same as the amount entered and Transaction Amount, Authorized is equal to or greater than Terminal floor Limit TSI byte 1, bit 4 = 1 ie Terminal Risk Management was performed
Page 403
2CJ.128.00 Transaction log entry with the same PAN is not available and Terminal Floor Limit is not exceeded (implied)
Test No. 2CJ.128.00 Objective: To ensure that the terminal does not set the Transaction exceeds floor limit bit in the TVR to 1b, if no transaction log with the same PAN is available and if the Amount, Authorized is less than the Terminal Floor Limit Reference: 2RJ.088.1 - Book 3 Section 6.6.1 - Transaction log entry with the same PAN is not available and Terminal Floor Limit is not exceeded (implied) Conditions: LT supports Terminal Risk Management Transaction log is not available for same PAN (another transaction has been made with another PAN before with Amount less than Terminal floor Limit) Transaction Amount, Authorized is less than Terminal floor Limit (Amount Authorized can include a cash back amount) CDOL1 requests TVR and TSI and Terminal Floor Limit and Amount Authorized Testers will select a payment scheme EMV AID or a generic AID (eg. Non EMV AID) , in the event of payment scheme interference of the EMV functionality Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 4, bit 8 = 0 ie Transaction does not exceed floor limit Amount Authorized returned in First GENERATE AC is the same as the amount entered and Transaction Amount, Authorized is less than Terminal floor Limit TSI byte 1, bit 4 = 1 ie Terminal Risk Management was performed
Page 404
2CJ.137.00 Both the Lower and the Upper Consecutive Offline Limit are present in the ICC
Test No. 2CJ.137.00 Objective: To ensure that if Lower and Upper Consecutive Offline Limits are present in the card, the terminal performs the velocity checking Reference: 2RJ.095.0 - Book 3 Section 6.6.3 - Both the Lower and the Upper Consecutive Offline Limit are present in the ICC Conditions: LT supports Terminal Risk Management Lower and Upper Consecutive Offline Limits are present in the LT ATC is not returned by GET DATA CDOL 1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 4, bit 7 = 1 ie Lower Consecutive Offline Limit exceeded TVR byte 4, bit 6 = 1 ie Upper Consecutive Offline Limit exceeded TVR byte 2, bit 4 = 0 ie New Card TVR byte 1, bit 6 = 1 ie ICC Data missing
Page 405
2CJ.138.00 Either the Lower or the Upper Consecutive Offline Limit is not present in the ICC
Test No. 2CJ.138.00 Objective: To ensure that if either Lower or Upper Consecutive Offline Limits is absent in the card, the terminal does not perform the velocity checking Reference: 2RJ.096.0 - Book 3 Section 6.6.3 - Either the Lower or the Upper Consecutive Offline Limit is not present in the ICC Conditions: LT supports Terminal Risk Management either Lower or Upper Consecutive Offline Limits is absent in the LT CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 4, bit 7 = 0 ie Lower Consecutive Offline Limit not exceeded TVR byte 4, bit 6 = 0 ie Upper Consecutive Offline Limit not exceeded The terminal shall not issue the GET DATA command for the ATC or the LOATC
Page 406
2CJ.139.00 GET DATA on both the ATC and the Last Online ATC Register
Test No. 2CJ.139.00 Objective: To ensure that if terminal performs the velocity checking, it reads the ATC and Last online ATC using GET DATA command Reference: 2RJ.097.0 - Book 3 Section 6.6.3 - GET DATA on both the ATC and the Last Online ATC Register Conditions: LT supports Terminal Risk Management Lower and Upper Consecutive Offline Limits are present in the LT Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion LT shall receive 2 GET DATAs command for ATC and Last Online ATC
Page 407
Page 408
2CJ.140.01 The Last Online ATC Register is not present in the ICC
Test No. 2CJ.140.01 Objective: To ensure that if the Last Online ATC is not returned by the card in response to the GET DATA command, the terminal sets both the Lower consecutive offline limit exceeded and the Upper consecutive offline limit exceeded bits in the TVR to 1b and does not set the New Card bit in the TVR to 1b Reference: 2RJ.098.0 - Book 3 Section 6.6.3 - Either the ATC or the Last Online ATC Register is not present in the ICC Conditions: LT supports Terminal Risk Management (AIP) Terminal shall support Risk management Lower and Upper Consecutive Offline Limits are present in the LT Last Online ATC is not returned by GET DATA If returned, Last Online ATC is 0 CDOL1 Requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 4, bit 7 = 1 ie Lower Consecutive Offline Limit exceeded TVR byte 4, bit 6 = 1 ie Upper Consecutive Offline Limit exceeded TVR byte 2, bit 4 = 0 ie not a new card TVR byte 1, bit 6 = 1 ie ICC Data missing
Page 409
2CJ.141.00 (ATC - Last Online ATC Register) > Lower Consecutive Offline Limit
Test No. 2CJ.141.00 Objective: To ensure that if the difference between the ATC and the Last Online ATC Register is greater than the Lower Consecutive Offline Limit, the terminal sets the Lower consecutive offline limit exceeded bit in the TVR to 1b Reference: 2RJ.099.0 - Book 3 Section 6.6.3 - (ATC - Last Online ATC Register) > Lower Consecutive Offline Limit Conditions: LT supports Terminal Risk Management Lower and Upper Consecutive Offline Limits are present in the LT ATC and Last Online ATC are returned by GET DATA ATC - Last Online ATC > Lower Consecutive Offline Limit CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 4, bit 7 = 1 ie Lower Consecutive Offline Limit exceeded
Page 410
2CJ.142.00 (ATC - Last Online ATC Register) = Lower Consecutive Offline Limit (implied)
Test No. 2CJ.142.00 Objective: To ensure that if the difference between the ATC and the Last Online ATC Register is equal to the Lower Consecutive Offline Limit, the terminal does not set the Lower consecutive offline limit exceeded bit in the TVR to 1b Reference: 2RJ.099.1 - Book 3 Section 6.6.3 - (ATC - Last Online ATC Register) = Lower Consecutive Offline Limit (implied) Conditions: LT supports Terminal Risk Management Lower and Upper Consecutive Offline Limits are present in the LT ATC and Last Online ATC are returned by GET DATA ATC - Last Online ATC = Lower Consecutive Offline Limit Testers will select a payment scheme EMV AID or a generic AID (eg. Non EMV AID) , in the event of payment scheme interference of the EMV functionality CDOL1 Requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 4, bit 7 = 0 ie Lower Consecutive Offline Limit not exceeded
Page 411
2CJ.143.00 (ATC - Last Online ATC Register) < Lower Consecutive Offline Limit (implied)
Test No. 2CJ.143.00 Objective: To ensure that if the difference between the ATC and the Last Online ATC Register is less than the Lower Consecutive Offline Limit, the terminal does not set the Lower consecutive offline limit exceeded bit in the TVR to 1b Reference: 2RJ.099.2 - Book 3 Section 6.6.3 - (ATC - Last Online ATC Register) < Lower Consecutive Offline Limit (implied) Conditions: LT supports Terminal Risk Management Lower and Upper Consecutive Offline Limits are present in the LT ATC and Last Online ATC are returned by GET DATA ATC - Last Online ATC < Lower Consecutive Offline Limit Testers will select a payment scheme EMV AID or a generic AID (eg. Non EMV AID) , in the event of payment scheme interference of the EMV functionality CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 4, bit 7 = 0 ie Lower Consecutive Offline Limit not exceeded
Page 412
2CJ.144.00 (ATC - Last Online ATC Register) > Upper Consecutive Offline Limit
Test No. 2CJ.144.00 Objective: To ensure that if the difference between the ATC and the Last Online ATC Register is greater than the Upper Consecutive Offline Limit, the terminal sets the Upper consecutive offline limit exceeded bit in the TVR to 1b Reference: 2RJ.100.0 - Book 3 Section 6.6.3 - (ATC - Last Online ATC Register) > Upper Consecutive Offline Limit Conditions: LT supports Terminal Risk Management Lower and Upper Consecutive Offline Limits are present in the LT ATC and Last Online ATC are returned by GET DATA ATC - Last Online ATC > Upper Consecutive Offline Limit CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 4, bit 6 = 1 ie Upper Consecutive Offline Limit exceeded
Page 413
2CJ.145.00 (ATC - Last Online ATC Register) = Upper Consecutive Offline Limit (implied)
Test No. 2CJ.145.00 Objective: To ensure that if the difference between the ATC and the Last Online ATC Register is equal to the Upper Consecutive Offline Limit, the terminal does not set the Upper consecutive offline limit exceeded bit in the TVR to 1b Reference: 2RJ.100.1 - Book 3 Section 6.6.3 - (ATC - Last Online ATC Register) = Upper Consecutive Offline Limit (implied) Conditions: LT supports Terminal Risk Management Lower and Upper Consecutive Offline Limits are present in the LT ATC and Last Online ATC are returned by GET DATA ATC - Last Online ATC = Upper Consecutive Offline Limit Testers will select a payment scheme EMV AID or a generic AID (eg. Non EMV AID) , in the event of payment scheme interference of the EMV functionality CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 4, bit 6 = 0 ie Upper Consecutive Offline Limit not exceeded
Page 414
2CJ.146.00 (ATC - Last Online ATC Register) < Upper Consecutive Offline Limit (implied)
Test No. 2CJ.146.00 Objective: To ensure that if the difference between the ATC and the Last Online ATC Register is less than the Upper Consecutive Offline Limit, the terminal does not set the Upper consecutive offline limit exceeded bit in the TVR to 1b Reference: 2RJ.100.2 - Book 3 Section 6.6.3 - (ATC - Last Online ATC Register) < Upper Consecutive Offline Limit (implied) Conditions: LT supports Terminal Risk Management Lower and Upper Consecutive Offline Limits are present in the LT ATC and Last Online ATC are returned by GET DATA ATC - Last Online ATC < Upper Consecutive Offline Limit Testers will select a payment scheme EMV AID or a generic AID (eg. Non EMV AID) , in the event of payment scheme interference of the EMV functionality CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 4, bit 6 = 0 ie Upper Consecutive Offline Limit not exceeded
Page 415
Page 416
Page 417
Page 418
Page 419
Page 420
Page 421
Page 422
2CJ.154.00 TAC Default processing bit set to 1b, & terminal unable to go online
Test No. 2CJ.154.00 Objective: To ensure that the terminal issues a second GENERATE AC requesting an AAC, if online connection was requested after first GENERATE AC and terminal is unable to go online and for a bit set to 1b in the TVR, the corresponding bit in the TAC Default is set to 1b Reference: 2RJ.117.1 - Book 3 Section 6.7 - Terminal is unable to go online, TVR and Terminal Action Code-Default check requests an AAC Conditions: Terminal Action Codes Denial have all bits set to 0b LT returns ARQC to first GENERATE AC command Terminal has online capabilities, and is unable to go online Issuer Action Codes have all bits set to 0b Terminal Action Code Default has one bit set to 1b and the corresponding TVR bit is set to 1b AIP must be set to execute the function associated with the TAC bit selected by the tester, and the LT will be set so the executed function will fail Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The LT shall receive a second GENERATE AC command requesting an AAC in all cases
Page 423
2CJ.155.00 TAC Default processing bit set to 0b, & terminal unable to go online
Test No. 2CJ.155.00 Objective: To ensure that the terminal issues a second GENERATE AC requesting a TC, if online connection was requested after first GENERATE AC and terminal is unable to go online and for each bit set to 1b in the TVR, the corresponding bit in both the IAC Default and TAC-Default is set to 0b Reference: 2RJ.118.0 - Book 3 Section 6.7 - Terminal is unable to go online, TVR and Default Action Codes check requests a TC Conditions: Terminal Action Codes Denial have all bit set to 0b LT returns ARQC to first GENERATE AC command Terminal has online capabilities and unable to go online Issuer Action Codes have all bits set to 0b Terminal Action Code Default has one bit set to 0b and the corresponding TVR bit is set to 1b AIP must be set to execute the function associated with the TAC bit selected by the tester, and the LT will be set so the executed function will fail Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The LT shall receive a second GENERATE AC command requesting a TC in all cases
Page 424
2CJ.156.00 TAC Default processing bit set to 1b, & terminal has no online capability
Test No. 2CJ.156.00 Objective: To ensure that the terminal skips the check of Online Action Codes and issues a first GENERATE AC requesting an AAC, if terminal has no online capabilities and for a bit set to 1b in the TVR, the corresponding bit in the TAC Default is set to 1b Reference: 2RJ.120.1 - Book 3 Section 6.7 - Terminal has not online capability, TVR and Terminal Action Codes-Default check requests an AAC Conditions: Terminal Action Code Denial has all bit set to 0b Terminal Action Code Online has all bit set to 1b Terminal has no online capabilities Issuer Action Codes have all bits set to 0b Terminal Action Code Default has one bit set to 1b and the corresponding TVR bit is set to 1b AIP must be set to execute the function associated with the TAC bit selected by the tester, and the LT will be set so the executed function will fail Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The LT shall receive a first GENERATE AC command requesting an AAC in all cases
Page 425
2CJ.157.00 TAC Default processing bit set to 0b, & terminal has no online capability
Test No. 2CJ.157.00 Objective: To ensure that the terminal skips the check of Online Action Codes and issues a first GENERATE AC requesting a TC, if terminal has no online capability and for each bit set to 1b in the TVR, the corresponding bit in both the IAC Default and TAC-Default is set to 0b Reference: 2RJ.121.0 - Book 3 Section 6.7 - Terminal has not online capability, TVR and Default Action Codes check requests a TC Conditions: Terminal Action Code Denial has all bit set to 0b Issuer Action Code Denial has all bit set to 0b Terminal Action Code Online has all bit set to 1b Terminal has no online capabilities Issuer Action Code Default has all bits set to 0b Terminal Action Code Default has one bit set to 0b and the corresponding TVR bit is set to 1b AIP must be set to execute the function associated with the TAC bit selected by the tester, and the LT will be set so the executed function will fail Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The LT shall receive a first GENERATE AC command requesting a TC in all cases
Page 426
Page 427
2CJ.159.00 (implied)
Test No. 2CJ.159.00
Objective: To ensure that the terminal issues a GENERATE AC requesting a TC if for a bit is set to 1b in the TVR, the corresponding bit in the IAC Denial is set to 0b. Reference: 2RJ.111.5 - Book 3 Section 6.7 - TVR and IAC-Denial check requests a TC (implied) Conditions: Terminal Action Codes have all bits set to 0b Issuer Actions Code Denial has one bit set to 0b and the corresponding TVR bit is set to 1b Issuer Actions Codes Online & Default have all bits set to 0b AIP must be set to execute the function associated with the IAC bit selected by the tester, and the LT will be set so the executed function will fail Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The LT shall receive a first GENERATE AC command requesting an TC in all cases
Page 428
2CJ.160.00 Terminal has online capability, TVR and Issuer Action Code-Online check requests an ARQC
Test No. 2CJ.160.00 Objective: To ensure that the terminal issues a GENERATE AC requesting an ARQC, if the terminal has online capabilities and if for a bit set to 1b in the TVR, the corresponding bit in the IAC Online is set to 1b Reference: 2RJ.116.0 - Book 3 Section 6.7 - Terminal has online capability, TVR and Issuer Action Code-Online check requests an ARQC Conditions: Terminal has online capabilities Issuer Action Codes Denial & Default have all bits set to 0b Issuer Action Code Online has one bit set to 1b and the corresponding TVR bit is set to 1b Terminal Action Code has all bits set to 0b AIP must be set to execute the function associated with the IAC bit selected by the tester, and the LT will be set so the executed function will fail Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The LT shall receive a first GENERATE AC command requesting an ARQC in all cases
Page 429
2CJ.161.00 Terminal has online capability, TVR and Online Action Codes check requests a TC (implied)
Test No. 2CJ.161.00 Objective: To ensure that the terminal Issues a GENERATE AC requesting a TC, if terminal has online capabilities, and if for a bit set to 1b in the TVR, the corresponding bit in the IAC Online is set to 0b Reference: 2RJ.116.2 - Book 3 Section 6.7 - Terminal has online capability, TVR and Online Action Codes check requests a TC (implied) Conditions: Terminal has online capabilities Terminal Action Code have all bits set to 0b Issuer Action Codes Denial & Default have all bits set to 0b Issuer Action Code Online has one bit set to 0b and the corresponding TVR bit is set to 1b AIP must be set to execute the function associated with the IAC bit selected by the tester, and the LT will be set so the executed function will fail Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The LT shall receive a first GENERATE AC command requesting a TC in all cases
Page 430
2CJ.162.00 Terminal is unable to go online, TVR and Issuer Action Code-Default check requests an AAC
Test No. 2CJ.162.00 Objective: To ensure that the terminal issues a second GENERATE AC requesting an AAC, if online connection was requested after first GENERATE AC and terminal is unable to go online and for a bit set to 1b in the TVR, the corresponding bit in the IAC-Default is set to 1b. Reference: 2RJ.112.2 - Book 3 Section 6.7 - Terminal is unable to go online, TVR and Issuer Action Code-Default check requests an AAC Conditions: Issuer Action Codes Denial have all bits set to 0b LT returns ARQC to first GENERATE AC command Terminal has online capabilities, and was unable to go online Issuer Action Code Default has one bit set to 1b and the corresponding TVR bit is set to 1b Terminal Action Codes have all bits set to 0b AIP must be set to execute the function associated with the IAC bit selected by the tester, and the LT will be set so the executed function will fail Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion In all cases, the LT shall receive a second GENERATE AC command requesting an AAC
Page 431
2CJ.163.00 Terminal is unable to go online, TVR and Default Action Codes check requests a TC
Test No. 2CJ.163.00 Objective: To ensure that the terminal issues a second GENERATE AC requesting an TC, if online connection was requested after first GENERATE AC and terminal is unable to go online and for a bit set to 1b in the TVR, the corresponding bit in the IAC-Default is set to 0b Reference: 2RJ.117.0 - Book 3 Section 6.7 - Terminal is unable to go online, TVR and Default Action Codes check requests a TC Conditions: Issuer Action Codes Denial have all bits set to 0b LT returns ARQC to first GENERATE AC command Terminal has online capabilities, and was unable to go online Issuer Action Code Default has one bit set to 0b and the corresponding TVR bit is set to 1b Terminal Action Codes have all bits set to 0b AIP must be set to execute the function associated with the IAC bit selected by the tester, and the LT will be set so the executed function will fail Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The LT shall receive a second GENERATE AC command requesting a TC in all cases
Page 432
2CJ.164.00 Terminal has not online capability, TVR and Issuer Action Code-Default check requests an AAC
Test No. 2CJ.164.00 Objective: To ensure that the terminal skips the check of Online Action Codes and issues a first GENERATE AC requesting an AAC, if terminal has not rejected the transaction and terminal has no online capabilities and for a bit set to 1b in the TVR, the corresponding bit in the IAC-Default is set to 1b Reference: 2RJ.120.1 - Book 3 Section 6.7 - Terminal has not online capability, TVR and Issuer Action Code-Default check requests an AAC Conditions: Issuer Action Codes Denial have all bits set to 0b LT returns ARQC to first GENERATE AC command Terminal has no online capabilities Issuer Action Code Default has one bit set to 1b and the corresponding TVR bit is set to 1b Terminal Action Codes have all bits set to 0b AIP must be set to execute the function associated with the IAC bit selected by the tester, and the LT will be set so the executed function will fail Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The LT shall receive a first GENERATE AC command requesting an AAC in all cases
Page 433
2CJ.165.00 Terminal has not online capability, TVR and Default Action Codes check requests a TC
Test No. 2CJ.165.00 Objective: To ensure that the terminal skips the check of Online Action Codes and issues a first GENERATE AC requesting a TC, if terminal has not rejected the transaction and terminal has no online capabilities and for a bit set to 1b in the TVR, the corresponding bit in the IAC-Default is set to 0b Reference: 2RJ.120.0 - Book 3 Section 6.7 - Terminal has not online capability, TVR and Default Action Codes check requests a TC Conditions: Issuer Action Codes Denial have all bits set to 0b LT returns ARQC to first GENERATE AC command Terminal has no online capabilities Issuer Action Code Default has one bit set to 0b and the corresponding TVR bit is set to 1b Terminal Action Codes has all bit set to 0b AIP must be set to execute the function associated with the TAC bit selected by the tester, and the LT will be set so the executed function will fail Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The LT shall receive a first GENERATE AC command requesting an TC in all cases
Page 434
Page 435
Page 436
2CJ.168.00 IAC-Default is not present in the ICC and the Terminal is unable to go online
Test No. 2CJ.168.00 Objective: To ensure that If the Issuer Action Code-Default does not exist in the card, the terminal uses a default value with all bits set to 1b when the terminal is unable to go online. Reference: 2RJ.109.0 - Book 3 Section 6.7 - Issuer Action Code-Default is not present in the ICC and the Terminal is unable to go online Conditions: Terminal has online capability Issuer Action Code Default does not exist in the card Terminal Action Code Default has all bits set to 0b Issuer and Terminal Action Codes Denial have all bits set to 0b AIP must be set to execute the function associated with the IAC bit selected by the tester and the LT will be set so the executed function will fail LT requests ARQC to first GENERATE AC command Terminal unable to go online (no response received from issuer for instance) Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The LT shall receive a second GENERATE AC command requesting an AAC in all cases
Page 437
2CJ.169.00 IAC-Default is not present in the ICC and the Terminal is offline only
Test No. 2CJ.169.00 Objective: To ensure that if the Issuer Action Code-Default does not exist in the card, the terminal uses a default value with all bits set to 1b when the terminal is offline only. Reference: 2RJ.109.5 - Book 3 Section 6.7 & Book 3 Section 5.3 - Issuer Action CodeDefault is not present in the ICC and the Terminal is offline only Conditions: Terminal checks Default IAC prior to First Generate AC Issuer Action Code Default does not exist in the card Terminal Action Code Default has all bits set to 0b Issuer and Terminal Action Codes Denial have all bits set to 0b Issuer and Terminal Action Codes Online have all bits set to 0b "AIP must be set to execute a function associated with the IAC and this function will be failed by the LT" (e.g. SDA is failed then the TVR byte 1 bit 7 is set to 1b). Terminal is offline only Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The LT shall receive a first GENERATE AC command requesting an AAC in all cases
Page 438
2CJ.169.02 IAC-Default is not present in the ICC and the Terminal is offline only (2)
Test No. 2CJ.169.02 Objective: To ensure that if the Issuer Action Code-Default does not exist in the card, the terminal uses a default value with all bits set to 1b when the terminal is offline only Reference: 2RJ.109.7 - Book 3 Section 6.7 - Issuer Action Code-Default is not present in the ICC and the Terminal is offline only Conditions: Terminal checks Default IAC after First Generate AC Issuer Action Code Default does not exist in the card Terminal Action Code Default has all bits set to 0b Issuer and Terminal Action Code Denial have all bits set to 0b Issuer Action Code Online has all bits set to 1b "AIP must be set to execute a function associated with the IAC and this function will be failed by the LT"(e.g. SDA is failed then the TVR byte 1 bit 7 is set to 1). LT requests ARQC in First Generate AC The terminal is offline only Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The LT shall receive a second GENERATE AC command requesting an AAC in all cases
Page 439
2CJ.169.05 Tag for Terminal Capability Profile not include in ICC's CDOL1
Test No. 2CJ.169.05 Objective: To ensure that if Combined DDA / AC Generation is to be performed and the ICC's CDOL 1 does not include the tag for the Terminal Capability Profile, the terminal shall set the bit for Combined DDA / AC Generation Request in the GENERATE AC command to '1'. Reference: 2RJ.122.0 - Book 3 Section 6.7 - Combined DDA/AC Generation Missing Tag Conditions: Terminal and LT support Combined DDA / AC Generation CDOL 1 does not include Terminal Capability Profile Tag CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: TVR byte 1 bit 3 = '1' ie Combined DDA / AC Generation failed
Page 440
Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion. The terminal shall correctly interpret the LT response.
Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. The terminal shall format and send an advice.
Page 441
Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The Terminal shall prepare and send Authorization or Financial request message for the issuer
Page 442
2CJ.180.00 IAD is received from the Issuer and Issuer Authentication is supported in AIP
Test No. 2CJ.180.00 Objective: To ensure that the terminal issue EXTERNAL AUTHENTICATE command with IAD received if the card supports Issuer Authentication in AIP and if IAD is present in authorization response message Reference: 2RJ.128.0 - Book 3 Section 6.9 - IAD is received from the Issuer and Issuer Authentication is supported in AIP Conditions: LT returns an ARQC in response to first GENERATE AC The LT supports Issuer Authentication (AIP byte 1 bit 3 = 1) Authorization response message contains IAD Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The LT shall receive an EXTERNAL AUTHENTICATE command after the first GENERATE AC Data field of EXTERNAL AUTHENTICATE received by LT shall contain IAD as received from Issuer
Page 443
Page 444
2CJ.182.00 IAD is received from the Issuer and Issuer Authentication is not supported in AIP
Test No. 2CJ.182.00 Objective: To ensure that the terminal does not send EXTERNAL AUTHENTICATE command if the card does not support Issuer Authentication in AIP and if IAD is present in authorization response message Reference: 2RJ.130.0 - Book 3 Section 6.9 - IAD is received from the Issuer and Issuer Authentication is not supported in AIP Conditions: LT returns an ARQC in response to first GENERATE AC The LT does not support Issuer Authentication (AIP byte 1 bit 3 = 0) Authorization response message contains IAD Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion LT shall not receive EXTERNAL AUTHENTICATE command after first GENERATE AC
Page 445
Page 446
Page 447
2CJ.186.00 Multiple Issuer Scripts may be provided with a single authorization response
Test No. 2CJ.186.00 Objective: To ensure that the terminal is able to receive and manage multiple Issuer scripts in a single authorization message Reference: 2RJ.134.0 - Book 3 Section 6.10 - Multiple Issuer Scripts may be provided with a single authorisation response Conditions: LT returns an ARQC in response to first GENERATE AC Authorization response message contains several Issuer scripts LT returns 90 00 to each command of the scripts Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The LT shall receive commands according to the several scripts contained in the authorization response
Page 448
Page 449
Page 450
Page 451
Page 452
Page 453
2CJ.194.00 Issuer Script Commands not BER-TLV encoded and Issuer Script tag is 71
Test No. 2CJ.194.00 Objective: To ensure that the terminal sets the Script processing failed before final GENERATE AC bit in the TVR to 1b, if the command contained in the script with Tag 71 received is not BER-TLV encoded with Tag 86 Reference: 2RJ.142.0 - Book 3 Section 6.10 - Issuer Script Commands not BER-TLV encoded and Issuer Script tag is 71 Conditions: LT returns an ARQC in response to first GENERATE AC Authorization response message contains an Issuer script with Tag 71 command in Issuer Script are not BER-TLV encoded in tag 86 CDOL2 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 5, bit 6 = 1 ie Script processing failed before final GENERATE AC
Page 454
2CJ.195.00 Issuer Script Commands not BER-TLV encoded and Issuer Script tag is 72
Test No. 2CJ.195.00 Objective: To ensure that the terminal sets the Script processing failed after final GENERATE AC bit in the TVR to 1b, if the command contained in the script with Tag 72 received is not BER-TLV encoded with Tag 86 Reference: 2RJ.143.0 - Book 3 Section 6.10 - Issuer Script Commands not BER-TLV encoded and Issuer Script tag is 72 Conditions: LT returns an ARQC in response to first GENERATE AC Authorization response message contains an Issuer script with Tag 72 command in Issuer Script are not BER-TLV encoded in tag 86 CDOL 2 requests TVR
Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 5, bit 5 = 1 ie Script processing failed after final GENERATE AC
Page 455
Page 456
Page 457
Page 458
2CJ.199.00 SWI in the Status Code is different from 90, 62, or 63 and Issuer Script tag is 71
Test No. 2CJ.199.00 Objective: To ensure that the terminal sets the Script processing failed before final GENERATE AC bit in the TVR to 1b, if Script Tag is 71 and SW1 in the status code returned by the card to a script command is different from 90 or 62, or 63 Reference: 2RJ.146.0 - Book 3 Section 6.10 - SWI in the Status Code is different from 90, 62, or 63 and Issuer Script tag is 71 Conditions: LT returns an ARQC in response to first GENERATE AC Authorization response message contains one Issuer script with Tag 71 LT returns SW1 different from 90 or 62, or 63 to one of the script commands CDOL2 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 5 bit 6 = 1 ie Script processing failed before final GENERATE AC
Page 459
2CJ.200.00 SWI in the Status Code is different from 90, 62, or 63 and Issuer Script tag is 72
Test No. 2CJ.200.00 Objective: To ensure that the terminal sets the Script processing failed after final GENERATE AC bit in the TVR to 1b, if Script Tag is 72 and SW1 in the status code returned by the card to a script command is different from 90 or 62, or 63 Reference: 2RJ.147.0 - Book 3 Section 6.10 - SWI in the Status Code is different from 90, 62, or 63 and Issuer Script tag is 72 Conditions: LT returns an ARQC in response to first GENERATE AC Authorization response message contains one Issuer script with Tag 72 LT returns SW1 different from 90 or 62, or 63 to one of the script commands CDOL 2 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 5, bit 5 = 1 ie Script processing failed after final GENERATE AC
Page 460
Page 461
Page 462
2CJ.203.00 Enhanced Combined DDA/AC failed when ICC responded with TC (1)
Test No. 2CJ.203.00 Objective: To ensure that the terminal declines the transaction if ICC has responded st with TC and Enhanced Combined DDA/AC failed (1 Generate AC) Reference: Based on Bulletin N 6 Conditions: CDOL1 in LT does not include Unpredictable Number generated by the terminal (tag 9F 37) Terminal and LT support Enhanced Combined DDA/AC LT responds TC to the 1st Generate AC Procedure: Application in LT is selected and transaction is processed with LT (in particular Enhanced Combined DDA/AC). Pass Criteria: The terminal shall decline the transaction after the 1st Generate AC.
The following pass criteria only applies if the terminal has the ability to store declined transactions: TVR byte 1, bit 3 shall be set to 1 indicating Combined DDA/AC Generation failed.
Page 463
2CJ.203.01 Enhanced Combined DDA/AC failed when ICC responded with TC (2)
Test No. 2CJ.203.01 Objective: To ensure that the terminal declines the transaction if ICC has responded nd with TC and Enhanced Combined DDA/AC failed (2 Generate AC) Reference: Based on Bulletin N 6 Conditions: CDOL1 in LT includes Unpredictable Number generated by the terminal (tag 9F 37) Terminal and LT support Enhanced Combined DDA/AC CDOL2 does not include Unpredictable Number LT responds TC to the 2nd Generate AC LT responds ARQC to the 1st Generate AC Procedure: Application in LT is selected and transaction is processed with LT (in particular Enhanced Combined DDA/AC). Pass Criteria: The terminal shall decline the transaction after the 2nd Generate AC.
The following pass criteria only applies if the terminal has the ability to store declined transactions. TVR byte 1, bit 3 shall be set to 1 indicating Combined DDA/AC Generation failed.
Page 464
Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall return a GENERATE AC command to the LT with Data field correctly filled according to CDOL1
Page 465
2CK.003.00 CDOL requests a TC Hash Value and TDOL is present in the ICC
Test No. 2CK.003.00 Objective: To ensure that if TC Hash Value is requested in CDOL, the terminal is able to calculate TC Hash value according to the TDOL provided by the card Reference: 2RK.003.0 - Book 3 Section 5.2.2 - CDOL requests a TC Hash Value and TDOL is present in the ICC Conditions: LT contains TDOL CDOL1 requests TC Hash value Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall return a GENERATE AC command to the LT with Data field containing a TC Hash value correctly calculated
Page 466
2CK.004.00 CDOL requests a TC Hash Value and TDOL is not present in the ICC
Test No. 2CK.004.00 Objective: To ensure that if TC Hash Value is requested in CDOL, and TDOL is not provided by the card, the terminal is able to calculate TC Hash value according to the default TDOL contained in the terminal and it sets the Default TDOL used bit in the TVR to 1b Reference: 2RK.004.0 - Book 3 Section 5.2.2 - CDOL requests a TC Hash Value and TDOL is not present in the ICC Conditions: LT does not contains TDOL CDOL1 requests TC Hash value and TVR Terminal contains a default value for TDOL (value is known) Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall return a GENERATE AC command to the LT with Data field containing a TC Hash value correctly calculated with default TDOL as input TVR byte 5, bit 8 = 1 ie Default TDOL used
Page 467
2CK.005.00 CDOL requests a TC Hash Value and neither TDOL nor default TDOL is present
Test No. 2CK.005.00 Objective: To ensure that if TC Hash Value is requested in CDOL, and TDOL is not provided by the card and there is no default TDOL in terminal, the terminal is able to calculate TC Hash value using a TDOL with no data object. Reference: 2RK.005.0 - Book 3 Section 5.2.2 - CDOL requests a TC Hash Value and neither TDOL nor default TDOL is present Conditions: LT does not contains TDOL CDOL1 requests TC Hash value, and TVR Terminal does not contains a default value for TDOL Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall return a GENERATE AC command to the LT with Data field containing a TC Hash value correctly calculated with a TDOL with no entry TVR byte 5, bit 8 = 0 ie Default TDOL not used
Page 468
Page 469
Page 470
Page 471
Page 472
Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall complete the transaction offline (accepted).
Page 473
Page 474
Page 475
Page 476
Page 477
Page 478
Page 479
Page 480
Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall terminate the transaction
Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall terminate the transaction
Page 481
2CL.013.00 ATC not returned by GET DATA and Both LCOL and UCOL are present
Test No. 2CL.013.00 Objective: To ensure that terminal sets the ICC data missing bit in the TVR to 1b if both Lower and Upper Consecutive Offline Limit data objects are present in the ICC and if the ATC is not returned by the GET DATA. Reference: 2RL.003.0 - Book 3 Section 3.4 - ATC not returned by GET DATA and Both LCOL and UCOL are present Conditions: LT supports Terminal Risk Management (AIP Byte 1 bit 4 = '1') Terminal shall support Risk management Lower and Upper Consecutive Offline Limit are present in LT ATC is not returned by GET DATA CDOL1 Requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 6 = 1 ie ICC Data missing TVR byte 4, bit 7 = 1 ie Lower Consecutive Offline Limit exceeded TVR byte 4, bit 6 = 1 ie Upper Consecutive Offline Limit exceeded TVR byte 2, bit 4 = 0 ie not a new card
Page 482
2CL.014.00 Last Online ATC Register not returned by GET DATA and Both LCOL and UCOL are present
Test No. 2CL.014.00 Objective: To ensure that terminal sets the ICC data missing bit in the TVR to 1b if both Lower and Upper Consecutive Offline Limit data objects are present in the ICC and if the Last Online ATC is not returned by the GET DATA. Reference: 2RL.004.0 - Book 3 Section 3.4 - Last Online ATC Register not returned by GET DATA and Both LCOL and UCOL are present Conditions: LT supports Terminal Risk Management (AIP byte 1 bit 4= '1') Terminal shall support Risk management Lower and Upper Consecutive Offline Limit are present in LT Last Online ATC is not returned by GET DATA CDOL1 Requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 6 = 1 ie ICC Data missing TVR byte 4, bit 7 = 1 ie Lower Consecutive Offline Limit exceeded TVR byte 4, bit 6 = 1 ie Upper Consecutive Offline Limit exceeded TVR byte 2, bit 4 = 0 ie not a new card
Page 483
2CL.015.00 CVM List not present and Cardholder Verification is supported in AIP
Test No. 2CL.015.00 Objective: To ensure that terminal sets the ICC data missing bit in the TVR to 1b if Cardholder verification is supported in AIP and CVM List is missing in the card. Reference: 2RL.005.0 - Book 3 Section 3.4 - CVM List not present and Cardholder Verification is supported in AIP Conditions: AIP byte 1 bit 5 = 1 (Cardholder verification supported) CVM List is not present in LT CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 6 = 1 ie ICC Data missing
Page 484
2CL.016.00 CA Public Key Index not present and Offline SDA is supported in AIP
Test No. 2CL.016.00 Objective: To ensure that terminal sets the ICC data missing bit in the TVR to 1b if Offline Static Data Authentication is supported in AIP and Certification Authority Public Key Index is missing in the card. Reference: 2RL.006.0 - Book 3 Section 3.4 - Certification Authority Public Key Index not present and Offline SDA is supported in AIP Conditions: Terminal supports static data authentication AIP byte 1 bit 7 = 1 (Offline Static Data Authentication supported) Certification Authority Public Key Index is not present in LT CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 6 = 1 ie ICC Data missing
Page 485
2CL.017.00 CA Public Key Index not present and Offline DDA is supported in AIP
Test No. 2CL.017.00 Objective: To ensure that terminal sets the ICC data missing bit in the TVR to 1b if Offline Dynamic Data Authentication is supported in AIP and Certification Authority Public Key Index is missing in the card. Reference: 2RL.007.0 - Book 3 Section 3.4 - Certification Authority Public Key Index not present and Offline DDA is supported in AIP Conditions: Terminal supports dynamic data authentication AIP byte 1 bit 6 = 1 (Offline Dynamic Data Authentication supported) Certification Authority Public Key Index is not present in LT CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 6 = 1 ie ICC Data missing
Page 486
2CL.019.00 Issuer Public Key Certificate not present and Offline SDA is supported in AIP
Test No. 2CL.019.00 Objective: To ensure that terminal sets the ICC data missing bit in the TVR to 1b if Offline Static Data Authentication is supported in AIP and Issuer Public Key Certificate is missing in the card. Reference: 2RL.009.0 - Book 3 Section 3.4 - Issuer Public Key Certificate not present and Offline SDA is supported in AIP Conditions: Terminal supports static data authentication AIP byte 1 bit 7 = 1 (Offline Static Data Authentication supported) Issuer Public Key Certificate is not present in LT CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 6 = 1 ie ICC Data missing
Page 487
2CL.020.00 Issuer Public Key Certificate not present and Offline DDA is supported in AIP
Test No. 2CL.020.00 Objective: To ensure that terminal sets the ICC data missing bit in the TVR to 1b if Offline Dynamic Data Authentication is supported in AIP and Issuer Public Key Certificate is missing in the card. Reference: 2RL.010.0 - Book 3 Section 3.4 - Issuer Public Key Certificate not present and Offline DDA is supported in AIP Conditions: Terminal supports dynamic data authentication AIP byte 1 bit 6 = 1 (Offline Dynamic Data Authentication supported) Issuer Public Key Certificate is not present in LT CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 6 = 1 ie ICC Data missing
Page 488
2CL.021.00 Issuer Public Key Exponent not present and Offline SDA is supported in AIP
Test No. 2CL.021.00 Objective: To ensure that terminal sets the ICC data missing bit in the TVR to 1b if Offline Static Data Authentication is supported in AIP and Issuer Public Key Exponent is missing in the card. Reference: 2RL.011.0 - Book 3 Section 3.4 - Issuer Public Key Exponent not present and Offline SDA is supported in AIP Conditions: Terminal supports static data authentication AIP byte 1 bit 7 = 1 (Offline Static Data Authentication supported) Issuer Public Key Exponent is not present in LT CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 6 = 1 ie ICC Data missing
Page 489
2CL.022.00 Issuer Public Key Exponent not present and Offline DDA is supported in AIP
Test No. 2CL.022.00 Objective: To ensure that terminal sets ICC data missing bit in the TVR to 1b if Offline Dynamic Data Authentication is supported in AIP and Issuer Public Key Exponent is missing in the card. Reference: 2RL.012.0 - Book 3 Section 3.4 - Issuer Public Key Exponent not present and Offline DDA is supported in AIP Conditions: Terminal supports dynamic data authentication AIP byte 1 bit 6 = 1 (Offline Dynamic Data Authentication supported) Issuer Public Key Exponent is not present in LT CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 6 = 1 ie ICC Data missing
Page 490
2CL.023.00 Issuer Public Key Remainder not present and Offline SDA is supported in AIP
Test No. 2CL.023.00 Objective: To ensure that terminal sets the ICC data missing bit in the TVR to 1b, if Offline Static Data Authentication is supported in AIP and Issuer Public Key Remainder is missing in the card and the length of the recovered Issuer Public Key indicates that Issuer Public Key Remainder should be present. Reference: 2RL.013.0 - Book 3 Section 3.4 - Issuer Public Key Remainder not present and Offline SDA is supported in AIP Conditions: Terminal supports static data authentication AIP byte 1 bit 7 = 1 (Offline Static Data Authentication supported) Issuer Public Key Remainder is not present in LT Size of Issuer Public Key and CA Public Key is such as NI > NCA 36 CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 6 = 1 ie ICC Data missing
Page 491
2CL.024.00 Issuer Public Key Remainder not present and Offline DDA is supported in AIP
Test No. 2CL.024.00 Objective: To ensure that terminal sets the ICC data missing bit in the TVR to 1b , if Offline Dynamic Data Authentication is supported in AIP and Issuer Public Key Remainder is missing in the card and the length of the recovered Issuer Public Key indicates that Issuer Public Key Remainder should be present. Reference: 2RL.014.0 - Book 3 Section 3.4 - Issuer Public Key Remainder not present and Offline DDA is supported in AIP Conditions: Terminal supports dynamic data authentication AIP byte 1 bit 6 = 1 (Offline Dynamic Data Authentication supported) Issuer Public Key Remainder is not present in LT Size of Issuer Public Key and CA Public Key is such as NI > NCA 36 CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 6 = 1 ie ICC Data missing
Page 492
2CL.025.00 Signed Static Application Data not present and Offline SDA is supported in AIP
Test No. 2CL.025.00 Objective: To ensure that terminal sets the ICC data missing bit in the TVR to 1b , if Offline Static Data Authentication is supported in AIP and Signed Static Application Data is missing in the card. Reference: 2RL.015.0 - Book 3 Section 3.4 - Signed Static Application Data not present and Offline SDA is supported in AIP Conditions: Terminal supports static data authentication AIP byte 1 bit 7 = 1 (Offline Static Data Authentication supported) Signed Static Application Data is not present in LT CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 6 = 1 ie ICC Data missing
Page 493
2CL.026.00 ICC Public Key Certificate not present and Offline DDA is supported in AIP
Test No. 2CL.026.00 Objective: To ensure that terminal sets the ICC data missing bit in the TVR to 1b , if Offline Dynamic Data Authentication is supported in AIP and ICC Public Key Certificate is missing in the card. Reference: 2RL.016.0 - Book 3 Section 3.4 - ICC Public Key Certificate not present and Offline DDA is supported in AIP Conditions: Terminal supports dynamic data authentication AIP byte 1 bit 6 = 1 (Offline Dynamic Data Authentication supported) ICC Public Key Certificate is not present in LT CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 6 = 1 ie ICC Data missing
Page 494
2CL.027.00 ICC Public Key Exponent not present and Offline DDA is supported in AIP
Test No. 2CL.027.00 Objective: To ensure that terminal sets the ICC data missing bit in the TVR to 1b , if Offline Dynamic Data Authentication is supported in AIP and ICC Public Key Exponent is missing in the card. Reference: 2RL.017.0 - Book 3 Section 3.4 - ICC Public Key Exponent not present and Offline DDA is supported in AIP Conditions: Terminal supports dynamic data authentication AIP byte 1 bit 6 = 1 (Offline Dynamic Data Authentication supported) ICC Public Key Exponent is not present in LT CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 6 = 1 ie ICC Data missing
Page 495
2CL.028.00 ICC Public Key Remainder not present and Offline DDA is supported in AIP
Test No. 2CL.028.00 Objective: To ensure that terminal sets the ICC data missing bit in the TVR to 1b , if Offline Dynamic Data Authentication is supported in AIP and ICC Public Key Remainder is missing in the card and the length of the recovered ICC Public Key indicates that ICC Public Key Remainder should be present. Reference: 2RL.018.0 - Book 3 Section 3.4 - ICC Public Key Remainder not present and Offline DDA is supported in AIP Conditions: Terminal supports dynamic data authentication AIP byte 1 bit 6 = 1 (Offline Dynamic Data Authentication supported) ICC Public Key Remainder is not present in LT Size of ICC Public Key and Issuer Public Key is such as NICC > NI 42 CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion. TVR byte 1, bit 6 = 1 ie ICC Data missing
Page 496
2CL.029.05 Constructed Data Objects do not parse correctly: Directory Record in Payment System Directory
Test No. 2CL.029.05 Objective: To ensure that if Directory Record in Payment System Directory does not parse correctly, the terminal terminates the processing. Reference: 2RL.019.07 - Book 1 Section 6 - Constructed Data Objects do not parse correctly: Directory Record in Payment System Directory Conditions: Terminal supports SELECT PSE The Record returned in response to Read Directory command does not parse correctly (several tests can be made with bad Tag, bad length, Tag located at a wrong position...) Procedure: Application selection process with PSE is performed by the LT. Pass Criteria: The terminal shall terminate processing and can return to application selection or abort the transaction.
Page 497
Page 498
2CL.033.00 Constructed Data Objects do not parse correctly: GPO response template
Test No. 2CL.033.00 Objective: To ensure that the terminal terminates the Processing if GET PROCESSING OPTIONS response template does not parse correctly Reference: 2RL.019.4 - Book 1 Section 6 - Constructed Data Objects do not parse correctly: GPO response template Conditions: GET PROCESSING OPTIONS response template returned in response to GET PROCESSING OPTIONS does not parse correctly (several tests can be made with bad Tag, bad length, Tag located at a wrong position...) Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall terminate processing and can return to application selection or abort the transaction
Page 499
2CL.034.00 Constructed Data Objects do not parse correctly: GENERATE AC response template
Test No. 2CL.034.00 Objective: To ensure that the terminal terminates the processing if GENERATE AC response template does not parse correctly Reference: 2RL.019.5 - Book 3 Section 3.4 & Section 2.5.5.4 - Constructed Data Objects do not parse correctly: Generate AC response template Conditions: GENERATE AC response template returned in response to GENERATE AC does not parse correctly (several tests can be made with bad Tag, bad length, Tag located at a wrong position...) Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall terminate processing and can return to application selection or abort the transaction
2CL.035.00 Constructed Data Objects do not parse correctly: INTERNAL AUTHENTICATE response template
Test No. 2CL.035.00 Objective: To ensure that the terminal terminates the processing if INTERNAL AUTHENTICATE response template does not parse correctly Reference: 2RL.019.6 - Book 3 Section 3.4 & Section 2.5.9.4 - Constructed Data Objects do not parse correctly: Internal Authenticate response template Conditions: INTERNAL AUTHENTICATE response template returned in response to INTERNAL AUTHENTICATE does not parse correctly (several tests can be made with bad Tag, bad length, Tag located at a wrong position...) Terminal and LT support DDA Procedure: Application in LT is selected and transaction is processed with LT (in particular Dynamic Data Authentication) Pass Criteria: The terminal shall terminate processing and can return to application selection or abort the transaction
Page 500
2CL.037.00 Data that must be in a specific range of values but are not: SFI
Test No. 2CL.037.00 Objective: To ensure that if the terminal supports selection with PSE and SFI value returned by the card in FCI is not in the range of supported values, it terminates the processing. Reference: 2RL.021.0 - Book 1 Section 8.2.3 - Data that must be in a specific range of values but are not: SFI Conditions: Terminal supports selection with PSE SFI of Directory File returned by the LT is outside range 01-10 Procedure: Application selection process with PSE is performed by the LT Pass Criteria: The terminal shall terminate processing and can return to application selection or abort the transaction
Page 501
2CL.038.00 Data that must be in a specific range of values but are not: Issuer Code Table Index
Test No. 2CL.038.00 Objective: To ensure that the terminal terminates the processing if Issuer Code Table Index value is not in the range of supported values Reference: 2RL.021.1 - Book 3 Section 3.4 & Book 3 Annex C.4 - Data that must be in a specific range of values but are not: Issuer Code Table Index Conditions: Issuer Code Table Index value returned by the LT in FCI is outside ISO 8959 supported values Procedure: Application selection process is performed by the LT Pass Criteria: The terminal shall terminate processing and can return to application selection or abort the transaction
Page 502
Page 503
Page 504
2CL.050.00 AFL with an incorrect number of records participating in Offline Data Authentication
Test No. 2CL.050.00 Objective: To ensure that the terminal terminates the processing if an entry in AFL has an incorrect number of records participating in Offline Data Authentication. Reference: 2RL.028.0 - Book 3 Section 3.4 - AFL with an incorrect number of records participating in Offline Data Authentication Conditions: Ending record number - start record number + 1< number of records participating in Offline Data Authentication Procedure: Application selection process is performed by the LT Pass Criteria: The terminal shall terminate processing and can return to application selection or abort the transaction
Page 505
Page 506
Page 507
Page 508
2CM.004.00 Online Only Terminal Not Supporting Data Authentication Sets Bit
Test No. 2CM.004.00 Objective: To ensure that an online only terminal sets the Offline Data Authentication was not performed bit in the TVR to 1b , if it does not support any form of Data authentication according to the Terminal capabilities Reference: 2RM.004.0 - Book 4 Section 2.3.1 - Online Only Terminal Not Supporting Data Authentication Sets Bit Conditions: Terminal capabilities indicates Authentication are not supported Terminal is online only terminal CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: TVR byte 1, bit 8 = 1 ie Data Authentication was not performed that Static and Dynamic Data
Page 509
Page 510
Page 511
2CM.009.05 Terminal Recognition of CVM Codes ('No CVM required' not supported)
Test No. 2CM.009.05 Objective: To ensure that the terminal recognizes CVM code No CVM required if the terminal does not support this CVM. Reference: 2RM.009.5 - Book 4 Section 2.3.4 - Terminal Recognition of CVM Codes ( 'No CVM required' not supported) Conditions: LT supports Cardholder verification Terminal does not support 'No CVM required'. CDOL1 requests TVR, TSI and CVM results CVM List is 'No CVM required, always' Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 1 ie cardholder verification was not successful The terminal shall set byte 3 of the CVM Results to not successful TSI byte 1, bit 7 = 1 ie Cardholder verification was performed
Page 512
Page 513
Page 514
Page 515
Page 516
Page 517
2CM.016.00 Terminal Prompt for PIN Entry (PIN Try Counter >0)
Test No. 2CM.016.00 Objective: To ensure that the terminal prompts for PIN entry and displays a message such as Enter PIN, if PIN Try counter returned by GET DATA is not 0 Reference: 2RM.014.0 - Book 4 Section 2.3.4.1 - Terminal Prompt for PIN Entry (PIN Try Counter >0) Conditions: LT and Terminal support Cardholder verification Terminal supports Offline PIN verification LT returns PIN Try Counter > 0 to GET DATA Terminal supports GET DATA for PIN Try Counter CVM List is Plaintext PIN always Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion Terminal shall display the Enter PIN message after having received the GET DATA command
Page 518
Page 519
Page 520
Page 521
2CM.020.00 Online PIN When PIN Try Limit is Exceeded and Terminal Supports GET DATA for PIN Try Counter
Test No. 2CM.020.00 Objective: To ensure that the terminal allows a PIN to be entered for online verification even if the cards PIN Try Limit is exceeded Reference: 2RM.018.0 - Book 4 Section 2.3.4.2 - Online PIN When PIN Try Limit is Exceeded Conditions: Terminal supports Offline PIN (Plaintext or Enciphered) Terminal supports GET DATA for PIN Try Counter LT and Terminal support Cardholder verification Terminal supports Enciphered PIN verified Online CVM List requests Plaintext PIN if terminal supports followed by Enciphered Offline PIN if terminal supports followed by Online Enciphered PIN always. The first two CVRs (Plaintext PIN and Enciphered Offline PIN) shall have Byte 1, bit 7 of the CVM Code set to 1 (Applying succeeding CVR if this CVM is unsuccessful) LT returns PIN Try Counter = 0 to GET DATA CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 0 Cardholder verification was successful TVR byte 3, bit 6 = 1 PIN Try Limit exceeded TVR byte 3, bit 3 = 1 Online PIN entered Terminal shall display an Enter PIN Message Authorization or financial request message shall contain encrypted PIN
Page 522
2CM.020.01 Online PIN When PIN Try Limit is Exceeded and the Terminal does not support GET DATA for PIN Try Counter
Test No. 2CM.020.01 Objective: To ensure that the terminal allows a PIN to be entered for online verification even if the cards PIN Try Limit is exceeded Reference: 2RM.018.0 - Book 4 Section 2.3.4.2 - Online PIN When PIN Try Limit is Exceeded Conditions: Terminal supports Offline PIN (Plaintext or Enciphered) Terminal does not support GET DATA for PIN Try Counter LT and Terminal support Cardholder verification Terminal supports Enciphered PIN verified Online CVM List requests Plaintext PIN if terminal supports followed by Enciphered Offline PIN if terminal supports followed by Online Enciphered PIN always. The first two CVRs (Plaintext PIN and Enciphered Offline PIN) shall have Byte 1, bit 7 of the CVM Code set to 1 (Applying succeeding CVR if this CVM is unsuccessful) LT returns 63C0 to VERIFY command CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 3, bit 8 = 0 Cardholder verification was successful TVR byte 3, bit 6 = 1 PIN Try Limit exceeded TVR byte 3, bit 3 = 1 Online PIN entered Terminal shall display an Enter PIN Message Terminal shall indicate incorrect PIN and request Enter PIN for Online Pin entry Authorization or financial request message shall contain encrypted PIN
Page 523
Page 524
Page 525
Page 526
EMVCo Type Approval - Terminal Level 2 - Test Cases TVR byte 3, bit 8 = 0 ie Cardholder verification was successful TSI byte 1 , bit 7 = 1 ie Cardholder verification was performed TVR byte 3, bit 4 =1 ie Pin Entry required and PIN Pad present, but PIN was not entered.
Page 527
Page 528
Page 529
2CM.028.00 CVM Results Set With Method Code and Condition Code of Last CVM Performed
Test No. 2CM.028.00 Objective: To ensure that the terminal sets the CVM Results bytes 1 and 2 according to the last CVM performed Reference: 2RM.026.0 - Book 4 Section 2.3.4.5 - CVM Results Set With Method Code and Condition Code of Last CVM Performed Conditions: test is made with at least two CVM lists and behaviour, for instance: * Offline PIN always followed by Signature always and PIN is presented OK * Offline PIN always followed by Signature always and PIN not presented OK * Signature if supported CVM CDOL1 requests CVM results Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion CVM Results byte 1 and 2 shall always be set in accordance with last CVM performed in the list. for the example above content is: * Offline PIN always * Signature always * Signature if supported CVM
Page 530
2CM.029.00 CVM Results Set When Last CVM Not Considered Successful
Test No. 2CM.029.00 Objective: To ensure that the terminal sets the CVM Results byte 3 to failed when the last CVM performed was not considered as successful Reference: 2RM.027.0 - Book 4 Section 2.3.4.5 - CVM Results Set When Last CVM Not Considered Successful Conditions: LT and Terminal support Cardholder verification Test is made with at least two CVM lists and behavior, for instance: * Offline PIN always and PIN not presented OK * CVM is 'Fail CVM, always' * Signature always and terminal does not support signature CDOL1 requests CVM results Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion CVM Results byte 3 shall be failed
Page 531
Page 532
Page 533
CDOL1 requests TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 1, bit 5 = 1 ie Card appears in Exception file
Page 534
2CM.033.00 Authorization Response Code Set When Terminal Accepts Transaction Offline
Test No. 2CM.033.00 Objective: To ensure that the terminal sets Authorization Response Code to Offline approved if result of Terminal Action Analysis is Offline Reference: 2RM.031.0 - Book 4 Section 2.3.6 - Authorization Response Code Set When Terminal Accepts Transaction Offline Conditions: IAC and TAC are set so that Transaction is approved Offline CDOL1 requests Authorization Response Code
Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion Authorization Response Code shall be Offline Approved whatever response of ICC
2CM.034.00 Authorization Response Code Set When Terminal Declines Transaction Offline
Test No. 2CM.034.00 Objective: To ensure that the terminal sets Authorization Response Code to Declined Offline if result of Terminal Action Analysis is to decline offline Reference: 2RM.032.0 - Book 4 Section 2.3.6 - Authorization Response Code Set When Terminal Declines Transaction Offline Conditions: IAC and TAC are set so that Transaction is declined offline CDOL1 requests Authorization Response Code
Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion Authorization Response Code shall be Declined Offline
Page 535
2CM.035.00 Authorization Response Code Not Set When Terminal Opts To Transmit Transaction Online
Test No. 2CM.035.00 Objective: To ensure that the terminal does not set Authorization Response Code to any value if result of Terminal Action Analysis is to transmit online Reference: 2RM.033.0 - Book 4 Section 2.3.6 - Authorization Response Code Not Set When Terminal Opts To Transmit Transaction Online Conditions: IAC and TAC are set so that Transaction is transmit online CDOL1 requests Authorization Response Code Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion Authorization Response Code shall not be filled
Page 536
Page 537
2CM.040.00 Advice is Requested by Card and is Supported by the Terminal and transaction is captured
Test No. 2CM.040.00 Objective: To ensure that the terminal does not create an advice if the card requests it but the transaction is captured Reference: 2RM.038.0 - Book 4 Section 2.3.7 - Advice is Requested by Card and is Supported by the Terminal and transaction is captured Conditions: LT returns Advice required in first GENERATE AC Terminal acquirer interface protocol Supports Advices Transaction is captured (batch or online data capture) Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The Terminal shall not transmit an advice message
Page 538
2CM.041.00 Advice is Requested by Card and is Supported by the Terminal and transaction is not captured
Test No. 2CM.041.00 Objective: To ensure that the terminal creates an advice if the card requests it and the transaction is not captured Reference: 2RM.039.0 - Book 4 Section 2.3.7 - Advice is Requested by Card and is Supported by the Terminal and transaction is not captured Conditions: LT returns Advice required in first GENERATE AC Terminal Supports acquirer interface protocol Advices Transaction is not captured (LT returns declined) Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The Terminal shall either prepare an offline advice message or transmit an online advice message
Page 539
Procedure: Application in LT is selected and transaction is processed with LT (in particular Enhanced Combined DDA/AC Authentication). Pass Criteria: The terminal shall process the transaction until completion The terminal shall immediately perform a second Generate AC The terminal shall request for an AAC to the second Generate AC TVR byte 1, bit 3 = 1 i.e. Combined DDA/AC Generation failed TSI byte 1, bit 8 = 1 i.e. Offline Data Authentication was performed The terminal shall decline the transaction
Page 540
2CM.043.00 Terminal Decides To Accept or Decline Transaction and Issues 2nd GENERATE AC
Test No. 2CM.043.00 Objective: To ensure that the terminal issue a second GENERATE AC indicating the content of the Authorization Response Code, if transaction is processed online Reference: 2RM.041.0 - Book 4 Section 2.3.8 - Terminal Decides To Accept or Decline nd Transaction and Issues 2 GEN AC Conditions: Transaction is processed online Test 1: Issuer returns an Authorization Response Code indicating acceptance Test 2: Issuer returns an Authorization Response Code indicating decline Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The LT shall receive a second GENERATE AC indicating TC for test 1 and AAC for test 2
Page 541
Page 542
Page 543
2CM.049.00 Issuer Script Results Set When Error Code Was Returned by Card
Test No. 2CM.049.00 Objective: To ensure that the terminal reports a script error in the Issuer Script Results. Reference: 2RM.048.0 - Book 4 Section 2.3.9 - Issuer Script Results Set When Error Code Was Returned by Card Conditions: Transaction is processed online Response contains one script LT returns an error to one of the command of the script (test can be made with several sequence number for the command that fails) Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion Issuer Script Results (contained in Financial Confirmation message or Batch Data Captured message) shall have first nibble of byte one set to Script Processing failed and the second nibble shall contain the sequence number of the command that failed)
Page 544
2CM.050.00 Issuer Script Results Set When No Error Code Was Returned by Card
Test No. 2CM.050.00 Objective: To ensure that the terminal reports a script success in the Issuer Script Results. Reference: 2RM.049.0 - Book 4 Section 2.3.9 - Issuer Script Results Set When No Error Code Was Returned by Card Conditions: Transaction is processed online Response contains one script LT returns 90 00 to all command of the script Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion Issuer Script Results (contained in Financial Confirmation message or Batch Data Captured message) shall have first nibble of byte one set to Script Processing successful and the second nibble set to 0
Page 545
Page 546
Page 547
Page 548
Page 549
Page 550
Page 551
2CM.059.00 Offline Terminal With Online Capability Shall Support Terminal Risk Management
Test No. 2CM.059.00 Objective: To ensure that the terminal supports Terminal Risk Management if it is offline with online capabilities Reference: 2RM.058.0 - Book 4 Section 2.4 - Offline Terminal With Online Capability Shall Support Terminal Risk Management Conditions: Terminal is Offline with online capabilities LT supports Terminal Risk Management Transaction Amount is above Terminal floor Limit Lower and Upper Consecutive Offline Limits are present in the LT ATC is not returned by GET DATA CDOL1 requests TSI and TVR Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion TVR byte 4, bit 8 = 1 ie Transaction exceeds floor limit TVR byte 4, bit 7 = 1 ie Lower Consecutive Offline Limit exceeded TVR byte 4, bit 6 = 1 ie Upper Consecutive Offline Limit exceeded TSI byte 1, bit 4 = 1 ie Terminal Risk Management was performed
Page 552
Page 553
Page 554
Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The Terminal shall indicate the Amount of transaction or print it on a receipt to the cardholder
Page 555
Page 556
Page 557
Page 558
2CM.068.00 Attended Terminal Displays Message When Card Requests Voice Referral
Test No. 2CM.068.00 Objective: To ensure that an attended terminal displays the Call Your Bank message, if the card requests a Referral in the response to first GENERATE AC Reference: 2RM.067.0 - Book 4 Section 2.5.2.1 - Attended Terminal Displays Message When Card Requests Voice Referral Conditions: Terminal is an attended terminal LT returns a Referral (AAR) in response to first GENERATE AC Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion Terminal shall display the Call your Bank message
Page 559
2CM.070.00 Messages Displayed For Attendant to Indicate Approval or Denial of a Referral initiated by card
Test No. 2CM.070.00 Objective: To ensure that an attended terminal displays a message requesting the attendant to enter the response from the Bank, if the card requests a Referral in the response to first GENERATE AC Reference: 2RM.069.0 - Book 4 Section 2.5.2.1 - Messages Displayed For Attendant to Indicate Approval or Denial of a Referral initiated by card Conditions: Terminal is an attended terminal LT returns a Referral (AAR) in response to first GENERATE AC Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion Terminal shall display a message requesting the attendant to enter the response from the Bank (after Call your Bank and data messages)
Page 560
2CM.071.00 Authorization Response Code Set as a Result of Referral Process initiated by card
Test No. 2CM.071.00 Objective: To ensure that an attended terminal sets the Authorization Response Code in accordance with response from the Bank entered if the card requests a Referral in the response to first GENERATE AC Reference: 2RM.070.0 - Book 4 Section 2.5.2.1 - Authorization Response Code Set as a Result of Referral Process initiated by card Conditions: Terminal is an attended terminal LT returns a Referral (AAR) in response to first GENERATE AC CDOL2 requests Authorization Response Code Test 1: transaction approved by the Bank Test 2: transaction declined by the Bank Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion Authorization Response Code shall be Approved for test 1 and declined for test 2
Page 561
2CM.072.00 Terminal Issues Second GENERATE AC command as a Result of Referral Process initiated by card
Test No. 2CM.072.00 Objective: To ensure that if the card requests a Referral in the response to first GENERATE AC, an attended terminal does not send EXTERNAL AUTHENTICATE command and sends a second GENERATE AC command in accordance with response from the Bank entered Reference: 2RM.071.0 - Book 4 Section 2.5.2.1 - Terminal Issues Second GENERATE AC command as a Result of Referral Process initiated by card Conditions: Terminal is an attended terminal LT returns a Referral (AAR) in response to first GENERATE AC Test 1: transaction approved by the Bank Test 2: transaction declined by the Bank Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion LT shall not receive an EXTERNAL AUTHENTICATE command LT shall receive a second GENERATE AC command requesting a TC for test 1 and an AAC for test 2
Page 562
Page 563
2CM.074.00 Terminal Displays Message To Attendant When Issuer Requests Voice Referral
Test No. 2CM.074.00 Objective: To ensure that if the Authorization Response Code returned by the issuer, indicates a voice referral, an attended terminal displays the Call Your Bank message Reference: 2RM.073.0 - Book 4 Section 2.5.2.2 - Terminal Displays Message To Attendant When Issuer Requests Voice Referral Conditions: Terminal is an attended terminal Transaction is performed online (first GENERATE AC returns ARQC) Authorization Response Code returned in the response indicates a voice Referral Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion Terminal shall display the Call your Bank message
Page 564
Page 565
2CM.076.00 Messages Displayed Requesting Attendant to Indicate Approval or Denial of a Referral initiated by issuer
Test No. 2CM.076.00 Objective: To ensure that if the Authorization Response Code returned by the issuer, indicates a voice referral, an attended terminal displays a message requesting the attendant to enter the response from the Bank Reference: 2RM.075.0 - Book 4 Section 2.5.2.2 - Messages Displayed Requesting Attendant to Indicate Approval or Denial of a Referral initiated by issuer Conditions: Terminal is an attended terminal Transaction is performed online (first GENERATE AC returns ARQC) Authorization Response Code returned in the response indicates a voice Referral Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion Terminal shall display a message requesting the attendant to enter the response from the Bank (after Call your Bank and data messages)
Page 566
Page 567
Page 568
Page 569
Page 570
2CM.082.00 Terminal Sets Indicator When Attendant forces Approval of the Transaction
Test No. 2CM.082.00 Objective: To ensure that the terminal sets an indicator in the online advice or batch data capture if the attendant forced acceptance of the transaction. Reference: 2RM.081.0 - Book 4 Section 2.5.4 - Terminal Sets Indicator When Attendant forces Approval of the Transaction Conditions: Terminal is an attended terminal Transaction is performed online Attendant forces acceptance of the transaction Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The terminal shall set an indicator in the online advice or batch data capture that the attendant forced acceptance of the transaction
Page 571
Page 572
Page 573
Page 574
Page 575
Page 576
2CM.094.00 Calculation, Storage, and Display Date-Dependant Fields For Year 2000 +
Test No. 2CM.094.00 Objective: To ensure that the terminal is able to accurately calculate and store date dependent fields representing the year 2000 Reference: 2RM.094.0 - Book 4 Section 2.7.3 - Calculation, Storage, and Display DateDependant Fields For Year 2000 + Conditions: Internal Date in the terminal is set to different value (several tests) * 31/12/1999 23h 59min * 28/02/2000 23h 59min CDOL1 requests Transaction Date and Transaction Time Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion. Transaction Date shall have been updated to correct value: * 01/01/2000 * 29/02/2000
Page 577
Procedure: Visual inspection by the tester is required Pass Criteria: Enter Key shall be green Cancel Key shall be red Clear Key shall be yellow
Page 578
Page 579
Page 580
Page 581
Page 582
Page 583
Page 584
Page 585
Page 586
Page 587
Page 588
Page 589
Procedure: Application in LT is selected and transaction is processed with LT (in particular Enhanced Combined DDA/AC Authentication). Pass Criteria: The terminal shall decline the transaction after the 2nd Generate AC.
The following pass criteria only applies if the terminal has the ability to store declined transactions: TVR byte 1, bit 3 shall be set to 1 indicating Combined DDA/AC Generation failed.
Page 590
Page 591
Software Architecture
2CN.004.00 Data Elements are Initialised in Terminal
Test No. 2CN.004.00 Objective: To ensure that the data elements listed in "Data Elements Table" Book 3 Annex Aare initialized in the terminal or obtainable at the time of a transaction Reference: 2RN.004.0 - Book 4 Section 6 - Data Elements are Initialized in Terminal Conditions: CDOL1 requests (several tests can be made since length is too long to return all data: Acquirer Identifier Additional Terminal Capabilities Amount Authorized Amount Other Amount Reference Currency Application Identifier Application Version Number CVM Results Certification Authority Public Key Index Interface Device Serial Number Merchant Category Code Merchant Identifier POS Entry Mode Terminal Capabilities Terminal Country Code Terminal Floor Limit Terminal identification Terminal Risk Management Data Terminal Type Terminal Verification Results Transaction Currency Code Copyright 2002 EMVCo, LLC. All rights reserved Page 592
EMVCo Type Approval - Terminal Level 2 - Test Cases Transaction Currency Exponent Transaction Date Transaction Reference Currency Code Transaction Reference Currency Exponent Transaction Sequence Counter Transaction Status Information Transaction Time Transaction Type Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion Data Element returned by the terminal shall have correct format and coherent value Acquirer Identifier Additional Terminal Capabilities Amount Authorized Amount Other Amount Reference Currency Application Identifier Application Version Number CVM Results Certification Authority Public Key Index Interface Device Serial Number Merchant Category Code Merchant Identifier POS Entry Mode Terminal Capabilities Terminal Country Code Terminal Floor Limit Terminal identification Terminal Risk Management Data Terminal Type Terminal Verification Results Transaction Currency Code Copyright 2002 EMVCo, LLC. All rights reserved n 6-11 b b or n 12 b or n 12 b b b b b an 8 n4 ans 15 n2 b n3 b an 8 b n2 b n3 Page 593
EMVCo Type Approval - Terminal Level 2 - Test Cases Transaction Currency Exponent Transaction Date Transaction Reference Currency Code Transaction Reference Currency Exponent Transaction Sequence Counter Transaction Status Information Transaction Time Transaction Type n1 n 6 (YYMMDD) n3 n1 n 4-8 b n 6 (HHMMSS) n2
Page 594
Page 595
Page 596
Page 597
Page 598
Page 599
Page 600
Page 601
Page 602
Page 603
Page 604
Page 605
Page 606
Page 607
2CO.025.00 Terminal Issues a 2nd GENERATE AC Command When Unable to Go Online (1)
Test No. 2CO.025.00 Objective: To ensure that the terminal set Authorization Response Code to Unable to go online, offline accepted and issues a second GENERATE AC indicating TC if the terminal accepts the transaction after not having been able to go online Reference: 2RO.025.0 - Book 4 Section 8.2.1 - Terminal Issues a 2 Command When Unable to Go Online (1)
nd
GENERATE AC
Conditions: Terminal Action Codes and Issuer Action Code Denial and Online have all bits set to 0b Issuer Actions Codes Default have all bits set to 0b First GENERATE AC response from LT is ARQC Terminal is unable to go online (no response received from issuer for instance) CDOL2 requests Authorization response Code Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The LT shall receive a second GENERATE AC command requesting a TC Authorization response Code shall contain to Unable to go online, offline accepted
Page 608
2CO.026.00 Terminal Issues a 2nd GENERATE AC Command When Unable to Go Online (2)
Test No. 2CO.026.00 Objective: To ensure that the terminal set Authorization Response Code to Unable to go online, offline declined and issues a second GENERATE AC indicating AAC if the terminal declines the transaction after not having been able to go online Reference: 2RO.026.0 - Book 4 Section 8.2.1 - Terminal Issues a 2nd GENERATE AC Command When Unable to Go Online (2) Conditions: Terminal Action Codes and Issuer Action Code Denial and Online have all bits set to 0b Issuer Actions Codes Default have some bits set to 1b AIP, and Data in the LT are populated so that bits set to 1b in Issuer Action Code Default are set to 1b in the TVR during transaction processing (several tests can also be made for different bits set) First GENERATE AC response from LT is ARQC Terminal is unable to go online (no response received from issuer for instance) CDOL2 requests Authorization response Code Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion The LT shall receive a second GENERATE AC command requesting an AAC Authorization response Code shall contain to Unable to go online, offline declined
Page 609
Page 610
Page 611
Page 612
GENERATE AC
Conditions: Terminal Action Codes and Issuer Action Code Denial and Online have all bits set to 0b Issuer Actions Codes Default have all bits set to 0 First GENERATE AC response from LT is ARQC CDOL2 requests Authorization response Code Issuer returns incorrect authorization responses Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion Terminal shall repeat the authorization request after incorrect or absent response The LT shall receive a second GENERATE AC command requesting a TC Authorization Response Code shall contain to Unable to go online, offline accepted
Page 613
GENERATE AC
Conditions: Terminal Action Codes and Issuer Action Code Denial and Online have all bits set to 0b Issuer Actions Codes Default have some bits set to 1b AIP, and Data in the LT are populated so that bits set to 1b in Issuer Action Code Default are set to 1b in the TVR during transaction processing (several tests can also be made for different bits set) First GENERATE AC response from LT is ARQC CDOL2 requests Authorization response Code Issuer returns incorrect authorization responses Procedure: Application in LT is selected and transaction is processed with LT Pass Criteria: The terminal shall process the transaction until completion Terminal shall repeat the authorization request after incorrect or absent response The LT shall receive a second GENERATE AC command requesting an AAC Authorization response Code shall contain to Unable to go online, offline declined
Page 614
Page 615
Page 616
Page 617
Page 618
Page 619
* Terminal operated by Financial Institutions 1x * Terminal operated by Merchant * Terminal operated by Cardholder * Online only * Offline with online capabilities * Offline only 2x 3x x1 or x4 x2 or x5 x3 or x6
Page 620
* Manual Key entry * Magnetic stripe * IC with contacts * Plaintext PIN verified by ICC * Enciphered PIN online * Signature * Offline Enciphered PIN verified by ICC * No CVM required * Static Data Authentication * Dynamic Data Authentication * Card capture
byte 1, b8 = 1 byte 1, b7 = 1 byte 1, b6 = 1 byte 2, b8 = 1 byte 2, b7 = 1 byte 2, b6 = 1 byte 2, b5 = 1 byte 2, b4 = 1 byte 3, b8 = 1 byte 3, b7 = 1 byte 3, b6 = 1
Page 621
EMVCo Type Approval - Terminal Level 2 - Test Cases * Code table 9: * Code table 8: * Code table 7: * Code table 6 * Code table 5: * Code table 4: * Code table 3: * Code table 2: * Code table 1: byte 4, b1 = 1 byte 5, b8 = 1 byte 5, b7 = 1 byte 5, b6 = 1 byte 5, b5 = 1 byte 5, b4 = 1 byte 5, b3 = 1 byte 5, b2 = 1 byte 5, b1 = 1
Page 623