MChip Advance - Common Personalization Specification (V1.1)
M/Chip Advance
Common Personalization Specification
Version 1.1, October 2012
Page 2 ©2012 MasterCard – Proprietary and Confidential M/Chip Advance Common Personalization Specification October 2012
Proprietary Rights
The information contained in this document is proprietary and confidential to
MasterCard International Incorporated, one or more of its affiliated entities
(collectively “MasterCard”), or both.
This material may not be duplicated, published, or disclosed, in whole or in part,
without the prior written permission of MasterCard.
Trademarks
Trademark notices and symbols used in this manual reflect the registration status of
MasterCard trademarks in the United States. Please consult with the Customer
Operations Services team or the MasterCard Law Department for the registration
status of particular product, program, or service names outside the United States.
All third-party product and service names are trademarks or registered trademarks
of their respective owners.
Disclaimer
Implementation of this M/Chip™ Advance Card Application Specification requires
a separate license from MasterCard and may require a license from third party
intellectual property owners.
MasterCard makes no representations or warranties of any kind, express or implied,
with respect to the contents of this Specification. Without limitation, MasterCard
specifically disclaims all representations and warranties with respect to the
Specification and any intellectual property rights subsisting therein or any part
thereof, including but not limited to any and all implied warranties of title, non-
infringement, or suitability for any purpose (whether or not MasterCard has been
advised, has reason to know, or is otherwise in fact aware of any information).
Without limitation, MasterCard specifically disclaims all representations and
warranties that any practice or implementation of the Specification will not infringe
any third party patents, copyrights, trade secrets or other rights. Without limitation,
MasterCard specifically disclaims all representations and warranties in relation to
the Specifications, including but not limited to any and all implied warranties of
suitability for any purpose (whether or not MasterCard has been advised, has
reason to know, or is otherwise in fact aware of any information) or achievement of
any particular result.
MasterCard Worldwide
Chaussée de Tervuren, 198A
B-1410 Waterloo
Belgium
Email: [email protected]
www.mastercard.com
Table of Contents
1 Using This Manual
1.1 Purpose
1.2 Audience
1.3 Related Information
1.4 Abbreviations
1.5 Notational Conventions
1.5.1 Hexadecimal Notational Convention
1.5.2 Binary Notational Convention
1.5.3 Decimal Notational Convention
1.5.4 Data Object Notational Convention
1.5.5 State Notational Convention
1.5.6 C-APDU Notational Convention
1.6 Data Object Format
2 Implementation of EMV Personalization
2.1 Overview
2.2 Personalization State Machine for EMV Card Personalization
2.2.1 Application Selection Use of the Personalization Flag
2.2.2 Personalized Application States
2.2.3 Non-Personalized Application States
2.3 Select
2.4 External Authenticate
2.5 Initialize Update
2.6 Store Data
2.6.1 Grouped Data Groupings
2.6.2 Order of Data Groupings
2.6.3 Version Control
2.6.4 M/Chip Advance Data Groupings
3 Data Grouping Structures
3.1 Overview
3.2 Data Groupings Reserved for Record Values
3.3 Records and Data Grouping Identifiers
3.4 Files with SFI Between 1 and 10
3.5 Files with SFI between 11 and 20
3.6 Files with SFI between 21 and 30
3.7 Pre-allocation of Record Memory
4 RSA Key Formats and Data Grouping Encryption
4.1 Overview
4.2 Form 1
4.3 Form 2
4.4 Encrypted Data Groupings
5 DGI Definitions
5.1 Data Grouping Indicators ‘0B01’ to ‘0BFF’
5.2 Data Grouping Indicators ‘0E01’ to ‘0EFF’
5.3 Data Grouping Indicator ‘A001’
5.4 Data Grouping Indicator ‘A002’
5.5 Data Grouping Indicator ‘A012’
5.6 Data Grouping Indicator ‘A022’
5.7 Data Grouping Indicator ‘B010’
5.8 Data Grouping Indicator ‘B023’
5.9 Data Grouping Indicator ‘B002’
5.10 Data Grouping Indicator ‘A004’
5.11 Data Grouping Indicator ‘A005’
5.12 Data Grouping Indicator ‘B005’
5.13 Data Grouping Indicator ‘B104’
5.14 Data Grouping Indicator ‘A007’
5.15 Data Grouping Indicator ‘A017’
5.16 Data Grouping Indicator ‘A027’
5.17 Data Grouping Indicator ‘A008’
5.18 Data Grouping Indicator ‘A009’
5.19 Data Grouping Indicator ‘A00A’
5.20 Data Grouping Indicator ‘A00B’
5.21 Data Grouping Indicator ‘A00E’
5.22 Data Grouping Indicator ‘B011’ to ‘B015’
5.23 Data Grouping Indicator ‘B016’ to ‘B01A’
5.24 Data Grouping Indicator ‘8000’—encrypted
5.25 Data Grouping Indicator ‘8001’—encrypted
5.26 Data Grouping Indicator ‘A006’—encrypted
5.27 Data Grouping Indicator ‘A016’—encrypted
5.28 Data Grouping Indicator ‘8101’—encrypted
5.29 Data Grouping Indicator ‘8103’—encrypted
5.30 Data Grouping Indicator ‘8201’—encrypted
5.31 Data Grouping Indicator ‘8202’—encrypted
5.32 Data Grouping Indicator ‘8203’—encrypted
5.33 Data Grouping Indicator ‘8204’—encrypted
5.34 Data Grouping Indicator ‘8205’—encrypted
5.35 Data Grouping Indicator ‘8102’—encrypted
5.36 Data Grouping Indicator ‘8104’—encrypted
5.37 Data Grouping Indicator ‘8301’—encrypted
5.38 Data Grouping Indicator ‘8302’—encrypted
5.39 Data Grouping Indicator ‘8303’—encrypted
5.40 Data Grouping Indicator ‘8304’—encrypted
5.41 Data Grouping Indicator ‘8305’—encrypted
5.42 Data Grouping Indicator ‘8010’—encrypted
5.43 Data Grouping Indicator ‘8400’—encrypted
5.44 Data Grouping Indicator ‘8401’—encrypted
5.45 Data Grouping Indicator ‘9102’
5.46 Data Grouping Indicator ‘9010’
5.47 Data Grouping Indicator ‘9000’
5.48 Data Grouping Indicator ‘A200’
5.49 Data Grouping Indicator ‘A201’
6 Profile Data Groupings
6.1 Conditional Data Groupings
6.2 Data Grouping for Each M/Chip Advance Profile
7 Data Preparation
7.1 Overview
7.2 Records
7.3 Data Groupings
7.4 Data Grouping Order
7.5 Grouped Data Groupings
7.6 Version Control
7.7 ENC Field
1 Using This Manual
1.1 Purpose
The M/Chip Advance Common Personalization Specification defines how the dual
interface payment, contact only payment and data storage version of M/Chip™
Advance are personalized in accordance with the EMV Card Personalization
Specification.
Personalization of the M/Chip Advance application following the EMV Card
Personalization Specification is recommended, but not mandatory.
1.2 Audience
MasterCard provides this manual for customers and their authorized agents.
Specifically, the following personnel should find this manual useful:
• Card application developers
• Card application personalizers
• Data preparation bureaus
1.3 Related Information
The following references are used in this document. The latest version applies unless
a publication date is explicitly stated.
[EMV CPS] EMV Card Personalization Specification
[MCA] M/Chip Advance Card Application Specification, Payment and
Data Storage, Version 1.1
[MCA PD] M/Chip Advance Product Derivation, Version 1.0
1.4 Abbreviations
Table 1-1 contains the abbreviations used in this document.
Table 1-1—Abbreviations
Abbreviation Description
AC Application Cryptogram
AID Application Identifier
an Alphanumeric characters
ans Alphanumeric and Special characters
ARPC Authorization Response Cryptogram
ASCII American Standard Code for Information Interchange
ATC Application Transaction Counter
b Binary
BCD Binary Coded Decimal
C-APDU Command Application Protocol Data Unit
CBC Cipher Block Chaining
CDOL Card Risk Management Data Object List
CLA Class byte of command message
cn Compressed Numeric
CRM Card Risk Management
CRT Chinese Remainder Theorem
CVM Cardholder Verification Method
DDOL Dynamic Data Authentication Data Object List
DES Data Encryption Standard
DGI Data Grouping Identifier
DS Data Storage
DSPK Data Storage Partial Key
ECB Electronic Code-Book
EMV Europay MasterCard Visa
ENC Encryption Personalization Instructions
FCI File Control Information
IAD Issuer Application Data
ICC Integrated Circuit Card
IPK Issuer Public Key
ISO International Standards Organisation
IVCVC3 Initialization Vector for CVC3 generation
KDCVC3 ICC Derived Key for CVC3 generation
Lc Number of bytes present in the data field of the C-APDU
MAC Message Authentication Code
MCADP M/Chip Advance Payment Application
MCADP-C M/Chip Advance Payment Contact Only Application
MCADS M/Chip Advance Payment and Data Storage Application
MTA Maximum Transaction Amount
n Numeric
OS Operating System
P1 Parameter 1
PAN Primary Account Number
PF Personalization Flag
PIN Personal Identification Number
RSA Rivest, Shamir, Adleman
SFI Short File Identifier
SKUDEK Personalization Session Key for Key and PIN Encryption
SMC Secure Messaging for Confidentiality
SMI Secure Messaging for Integrity
SW1-SW2 Status bytes 1-2
TLV Tag Length Value
VERCNTL Version Control Personalization Instructions
1.5 Notational Conventions
1.5.1 Hexadecimal Notational Convention
Values expressed in hexadecimal form are enclosed in single quotes.
For example, 27509 decimal is expressed in hexadecimal as '6B75'.
1.5.2 Binary Notational Convention
Values expressed in binary form are followed by a b.
For example, '08' hexadecimal is expressed in binary as 00001000b.
1.5.3 Decimal Notational Convention
Values expressed in decimal form are not enclosed in single quotes.
For example, '08' hexadecimal is expressed in decimal as 8.
1.5.4 Data Object Notational Convention
Data objects used for this specification are written in a specific font to distinguish
them from the text. The font depends on the type of data object (refer to the Data
Organization chapter in [MCA] for the definition of the different types of data
objects):
Persistent data objects:
Data Object Name
Example:
AC Master Key
To refer to a specific bit of a single byte multi-bit data object, a bit index is used
within brackets [_].
For example, P1[7] represents the 7th bit of the P1. The first bit (rightmost or least
significant) of a data object has index 1.
1.5.5 State Notational Convention
The application states of the M/Chip Advance application are written in a specific
format to distinguish them from the text:
state
Example:
Successful processing of the select(active interface, C-APDU) signal changes
the application state from idle to:
selected
or to selectednotenabled.
1.5.6 C-APDU Notational Convention
The C-APDUs supported by the M/Chip Advance application are written in a specific
format to distinguish them from the text:
COMMAND
Example:
GET PROCESSING OPTIONS
1.6 Data Object Format
Data objects that have the numeric (n) format are BCD encoded, right justified with
leading hexadecimal zeros. Data objects that have the compressed numeric (cn)
format are BCD encoded, left justified and padded with trailing 'F's. Note that the
length indicator in the numeric and compressed numeric format notational
conventions (e.g. n 4) specifies the number of digits and not the number of bytes.
Data objects that have the alphanumeric (an) or alphanumeric special (ans) format are
ASCII encoded, left justified and padded with trailing hexadecimal zeros.
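The following encoders and validating decoders for the n, cn and an/ans formats are an added example, not part of the specification; the function names and sample values are constructed for illustration. They show that the length indicator counts digits, so an odd digit count still occupies a whole number of bytes.

```python
"""Encoders/decoders for the n, cn and an/ans formats of section 1.6 (added example)."""

DIGITS = "0123456789"


def _check_digits(text: str) -> None:
    """Reject anything that is not a plain decimal digit (sign, 'F', Unicode digits)."""
    if any(ch not in DIGITS for ch in text):
        raise ValueError(f"not a decimal digit string: {text!r}")


def _byte_aligned(digits: int) -> int:
    """Nibbles needed to hold `digits` digits in a whole number of bytes."""
    return digits + (digits % 2)


def encode_n(value: int, digits: int) -> bytes:
    """n format: BCD, right justified, leading zeros. `digits` counts digits, not bytes."""
    text = str(value)
    _check_digits(text)  # a negative value fails here because of its '-' sign
    if len(text) > digits:
        raise ValueError(f"{value} does not fit in n {digits}")
    return bytes.fromhex(text.rjust(_byte_aligned(digits), "0"))


def encode_cn(text: str, digits: int) -> bytes:
    """cn format: BCD, left justified, padded with trailing 'F' nibbles."""
    _check_digits(text)
    if len(text) > digits:
        raise ValueError(f"{text!r} does not fit in cn {digits}")
    return bytes.fromhex(text.ljust(_byte_aligned(digits), "F"))


def encode_an(text: str, length: int) -> bytes:
    """an/ans format: ASCII, left justified, padded with trailing '00' bytes."""
    raw = text.encode("ascii")  # non-ASCII input raises UnicodeEncodeError
    if len(raw) > length:
        raise ValueError(f"{text!r} does not fit in {length} bytes")
    return raw.ljust(length, b"\x00")


def decode_n(raw: bytes) -> int:
    """Decode an n field, refusing any nibble that is not a BCD digit."""
    text = raw.hex()
    _check_digits(text)
    return int(text)


def decode_cn(raw: bytes) -> str:
    """Decode a cn field; 'F' is only valid as trailing padding."""
    text = raw.hex().upper().rstrip("F")
    _check_digits(text)  # an 'F' left in the middle means a malformed field
    return text


if __name__ == "__main__":
    # Constructed sample values.
    print(encode_n(12, 3).hex())                       # n 3 still takes two bytes
    print(encode_cn("1234567890123456", 19).hex())     # cn 19 takes ten bytes
    print(encode_an("AB", 4))
```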
2 Implementation of EMV Personalization
2.1 Overview
This chapter provides the information required by application developers to
implement EMV Card Personalization on M/Chip Advance.
2.2 Personalization State Machine for EMV Card Personalization
The addition of the personalization commands to the M/Chip Advance application
introduces new states to its state machine, to support the “personalization” phase.
The M/Chip Advance application has two distinct state machines:
• The personalization state machine, defined in this specification
• The operational state machine, defined in [MCA] and [MCA PD]
Figure 2-1—M/Chip Advance Personalization State Machine.
[Figure not reproduced. States shown: idle, selected not personalized, initialized, personalizing, and selected and selected not enabled (M/Chip Advance Card Application Specification). Transition labels: Select : Else; Select : '9000' and PF=0b; Select : '9000' and PF=1b and interface disabled; Select : '9000' and PF=1b and interface enabled; Initialize Update : '9000'; External Authenticate : '9000'; Store Data : '9000' or '6A88'; Last Store Data : '9000' and interface disabled; Last Store Data : '9000' and interface enabled; Last Store Data; Else.]
The following sections describe how the M/Chip Advance application identifies which
phase (personalization or operational) it is in, and which states are applicable to each
phase.
2.2.1 Application Selection Use of the Personalization Flag
[MCA] describes how a personalized M/Chip Advance application reaches the
selected or selectednotenabled state when it receives a SELECT signal
from the multi-application manager. However, the processing of the SELECT signal
is different when M/Chip Advance is not personalized. After processing the SELECT
signal, a non-personalized M/Chip Advance application will go to the
selectednotpersonalized state.
Therefore, in order for the M/Chip Advance application to process the SELECT signal
correctly, it must identify if personalization has taken place. It does so using the
Personalization Flag, a persistent data element consisting of a single bit. Table 2-1
describes the settings for the Personalization Flag.
Table 2-1—Personalization Flag Settings
b1 Meaning
0b M/Chip Advance not personalized.
1b M/Chip Advance personalized.
The M/Chip Advance application manages the Personalization Flag as follows:
• Before the application is personalized, the Personalization Flag has a value of
0b. In this case, when the M/Chip Advance application receives a SELECT
signal, it will go to the selectednotpersonalized state and the
personalization state machine will apply.
• The last personalization C-APDU processed by the M/Chip Advance
application, that is, the last STORE DATA command, sets the Personalization
Flag to 1b.
• When the application is already personalized, the Personalization Flag has a
value of 1b. In this case, when the M/Chip Advance application receives a
SELECT signal, it will go to the selected or selectednotenabled state,
and the operational state machine specified in [MCA] applies.
The M/Chip Advance application can never reset the Personalization Flag. Once the
last STORE DATA processed by the M/Chip Advance application sets the
Personalization Flag to 1b, any further personalization commands are disabled.
The Personalization Flag is an internal flag with no external visibility. Providing the
external behavior of the M/Chip Advance application remains indistinguishable from
the behavior defined in these specifications, you may choose an alternative
implementation of the functionality achieved with the Personalization Flag. For
example, you may implement the functionality with a lower layer such as the card
operating system (OS), or with the multi-application manager.
Whatever form your implementation takes, the application switch between
personalization phase and operational phase must be triggered by the last STORE
DATA (P1[8] = 1b).
2.2.2 Personalized Application States
When the M/Chip Advance application is in its operational phase (that is,
personalized), it can reach the states defined in [MCA], described below:
Table 2-2—Application States Reached by a Personalized Application
State Description
idle Application is not currently selected
selected Application is selected and enabled
selectednotenabled Application is selected but is not enabled
initiated Transaction is initiated
online Application expects a connection with the issuer
script Application is ready to accept a script command from the issuer
2.2.3 Non-Personalized Application States
The addition of the personalization phase implies that the M/Chip Advance
application requires new states. The application uses these personalization states
during personalization, and uses the operational states defined in [MCA] after
personalization.
Table 2-3—Application States Reached by an Application Not Personalized
State Description
idle Application is not currently selected.
selectednotpersonalized Application is selected, but not personalized.
initialized Personalization is initialized
personalizing Application expects personalization values from STORE DATA C-APDUs
2.2.3.1 Idle State
M/Chip Advance applications are in the idle state when they are inactive. This state
is the idle state defined in [MCA].
The only C-APDU that the M/Chip Advance application handles in this state is the
SELECT C-APDU. This C-APDU, represented as the SELECT signal, activates (that
is, selects) the application.
2.2.3.2 Selectednotpersonalized State
The M/Chip Advance application goes to the selectednotpersonalized state
in each of the following situations:
• When it is activated (that is, the first SELECT signal) and not yet
personalized.
• When a new personalization session is started (that is, the SELECT signal).
This should never be used as the M/Chip Advance application should be
personalized in a single session.
• When personalization is aborted, that is, whenever SW1-SW2 is not ‘9000’ or
‘6A88’ for the STORE DATA.
When in the selectednotpersonalized state, the M/Chip Advance application
only handles the INITIALIZE UPDATE C-APDU. This command initiates a new
personalization session.
2.2.3.3 Initialized State
The M/Chip Advance application goes to the initialized state after successful
processing of the INITIALIZE UPDATE C-APDU. In this state, a new
personalization session is initialized.
In the initialized state, the M/Chip Advance application only handles the
EXTERNAL AUTHENTICATE C-APDU. This C-APDU is used to create a secure
channel between the M/Chip Advance application and the personalization device.
2.2.3.4 Personalizing State
The M/Chip Advance application goes to the personalizing state after successful
processing of the EXTERNAL AUTHENTICATE C-APDU. In this state, the
application is ready to receive personalization values through a series of STORE
DATA C-APDUs.
The STORE DATA keeps the application in the personalizing state so that a
sequence of STORE DATA commands can be used to personalize the entire
application.
The last STORE DATA has a specific meaning. It completes the personalization and
terminates the application’s ability to process STORE DATA. The state reached by
the application after the last STORE DATA can be one of the following:
• idle
• selected or selectednotenabled
• selectednotpersonalized
• personalizing
The implementer may select the destination state for the last STORE DATA.
MasterCard recommends the destination state idle.
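The model below is an added example, not part of the specification or of any card implementation: it replays a command sequence through the personalization states of section 2.2 and shows that out-of-sequence commands are refused and that personalization commands stay disabled once the Personalization Flag is 1b. Assumptions: the status word '6985' for refused commands, the reading of the figure's "Else" edges as a return to selectednotpersonalized, a '6A88' answer to a last STORE DATA not completing personalization, and all class and function names.

```python
"""Model of the personalization state machine in section 2.2 (added example)."""
from enum import Enum


class State(Enum):
    IDLE = "idle"
    SELECTED_NOT_PERSONALIZED = "selectednotpersonalized"
    INITIALIZED = "initialized"
    PERSONALIZING = "personalizing"
    SELECTED = "selected"
    SELECTED_NOT_ENABLED = "selectednotenabled"


SW_OK = "9000"
SW_UNKNOWN_DGI = "6A88"
SW_REJECTED = "6985"  # assumed: the page names no status word for refused commands

# The single C-APDU each personalization state handles, and where success leads.
HANDLED = {
    State.SELECTED_NOT_PERSONALIZED: ("INITIALIZE UPDATE", State.INITIALIZED),
    State.INITIALIZED: ("EXTERNAL AUTHENTICATE", State.PERSONALIZING),
    State.PERSONALIZING: ("STORE DATA", State.PERSONALIZING),
}


class CardModel:
    """Tracks state and Personalization Flag (PF); models successful SELECTs only."""

    def __init__(self, interface_enabled=True, final_state=State.IDLE):
        self.state = State.IDLE
        self.pf = 0
        self.interface_enabled = interface_enabled
        self.final_state = final_state  # implementer's choice; idle is recommended

    def _select(self):
        if self.pf == 0:
            self.state = State.SELECTED_NOT_PERSONALIZED
        elif self.interface_enabled:
            self.state = State.SELECTED
        else:
            self.state = State.SELECTED_NOT_ENABLED
        return SW_OK

    def process(self, command, p1=0x00, outcome=SW_OK):
        """Apply one C-APDU; `outcome` is the status word its own checks produce."""
        if command == "SELECT":
            return self._select()
        if self.pf == 1 or self.state not in HANDLED:
            # PF is never reset: once it is 1b, personalization commands are disabled.
            return SW_REJECTED
        expected, next_state = HANDLED[self.state]
        if command != expected:
            self.state = State.SELECTED_NOT_PERSONALIZED  # assumed "Else" edge
            return SW_REJECTED
        accepted = (SW_OK, SW_UNKNOWN_DGI) if command == "STORE DATA" else (SW_OK,)
        if outcome not in accepted:
            self.state = State.SELECTED_NOT_PERSONALIZED  # session aborted
            return outcome
        self.state = next_state
        # Last STORE DATA is flagged by P1[8] = 1b (bit 1 is the least significant).
        if command == "STORE DATA" and p1 & 0x80 and outcome == SW_OK:
            self.pf = 1
            self.state = self.final_state
        return outcome


def replay(card, commands):
    """Run (command, p1, outcome) tuples; return the (status word, state) trace."""
    return [(card.process(*c), card.state) for c in commands]


# Constructed session: one failed authentication, then a complete personalization.
SESSION = [
    ("SELECT", 0x00, SW_OK),
    ("INITIALIZE UPDATE", 0x00, SW_OK),
    ("EXTERNAL AUTHENTICATE", 0x03, "6300"),  # sample failure status word
    ("INITIALIZE UPDATE", 0x00, SW_OK),
    ("EXTERNAL AUTHENTICATE", 0x03, SW_OK),
    ("STORE DATA", 0x00, SW_UNKNOWN_DGI),
    ("STORE DATA", 0x80, SW_OK),
    ("SELECT", 0x00, SW_OK),
    ("INITIALIZE UPDATE", 0x00, SW_OK),
]

if __name__ == "__main__":
    for sw, state in replay(CardModel(), SESSION):
        print(sw, state.value)
```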
2.3 Select
Refer to the EMV Card Personalization Specification for a definition of the SELECT
command when the application is not yet personalized (Personalization Flag = 0b).
After pre-personalization, the response to the SELECT is the pre-personalization FCI
and SW1-SW2. The pre-personalization FCI is not interpreted by the
personalization device. As a consequence, the value of the pre-personalization FCI is
left to the implementation. The pre-personalization FCI may follow the ‘6F’
template. It may even be empty (that is, the response only consists of SW1-SW2).
2.4 External Authenticate
Refer to the EMV Card Personalization Specification for a definition of the
EXTERNAL AUTHENTICATE command.
The M/Chip Advance application must support the three security levels allowed in
EMV Card Personalization (coded in P1), described in Table 2-4.
Table 2-4—Security Levels Allowed by EMV Card Personalization
b8 b7 b6 b5 b4 b3 b2 b1 Description
0 0 0 0 0 0 1 1 Encryption and MAC
0 0 0 0 0 0 0 1 MAC
0 0 0 0 0 0 0 0 No Security
2.5 Initialize Update
Refer to the EMV Card Personalization Specification for a definition of the
INITIALIZE UPDATE command.
2.6 Store Data
Refer to the EMV Card Personalization Specification for a definition of the STORE
DATA command.
Depending on the security level set in the EXTERNAL AUTHENTICATE, the
M/Chip Advance application:
• Does not verify a MAC and does not CBC-decrypt the STORE DATA
(EXTERNAL AUTHENTICATE P1 = ‘00’)
• Verifies the MAC (EXTERNAL AUTHENTICATE P1 = ‘01’)
• CBC-decrypts the STORE DATA and verifies the MAC (EXTERNAL
AUTHENTICATE P1 = ‘03’)
Since the application supports the three security levels defined in the EXTERNAL
AUTHENTICATE, the application supports both the CLA = ‘80’ and CLA = ‘84’ for
the STORE DATA.
The implementer may choose one of the following options:
• The application supports extended command data length for the STORE
DATA.
• The application supports data grouping data spanning several STORE DATA,
as specified in the EMV Card Personalization Specification. In this case, the
application must accept STORE DATA containing up to 255 bytes of data
(that is, Lc = 255). Data preparation may split any data grouping over several
STORE DATA.
The last STORE DATA ends the personalization phase, irrespective of the data
groupings received by the M/Chip Advance application.
The M/Chip Advance application identifies the last STORE DATA using the STORE
DATA P1[8] = 1b.
2.6.1 Grouped Data Groupings
The M/Chip Advance application should be able to process several data groupings
grouped in a single STORE DATA. Grouping of data groupings is defined during
data preparation. The application parses the STORE DATA command to extract the
data groupings and processes them individually.
MasterCard recommends that the M/Chip Advance application accepts the data
groupings regardless of the order in which they are grouped in a single STORE
DATA.
2.6.2 Order of Data Groupings
MasterCard recommends that the order in which data groupings are received has no
impact on the processing of the STORE DATA. Applications should not expect the
data groupings in any specific sequence. If the implementation imposes constraints
on the sequence of data groupings, it is the responsibility of the application developer
to provide this information to the issuers and data preparation bureaus.
2.6.3 Version Control
When the M/Chip Advance application receives data groupings that are not
recognized (that is, the DGI is not supported by the application), the M/Chip Advance
application ignores them and processes the next data grouping. The response to the
STORE DATA is SW1-SW2 = ‘6A88’, even if there are other data groupings in the
STORE DATA which the application can recognize. In this case, the M/Chip
Advance application remains in the personalizing state.
Data Preparation avoids grouping data groupings that may not be recognized with
other recognized data groupings in a single STORE DATA.
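A minimal card-side model of the STORE DATA handling in sections 2.6 to 2.6.3, added here as an illustration and not taken from the specification or from any M/Chip Advance implementation. It assumes the EMV CPS data grouping layout (2-byte DGI, then a 1-byte length or ‘FF’ followed by a 2-byte length), that every grouping arrives whole in one command, and that the ‘6A88’ rule takes precedence over the last-command flag; the class, the supported-DGI set and DGI ‘A0FF’ in the demo are hypothetical.

```python
"""Illustrative model of STORE DATA processing (not the specification's code)."""

SW_OK = 0x9000                  # normal completion (ISO/IEC 7816-4)
SW_DGI_NOT_RECOGNIZED = 0x6A88  # section 2.6.3
LAST_STORE_DATA = 0x80          # STORE DATA P1 bit 8


def parse_data_groupings(data):
    """Split STORE DATA command data into a list of (DGI, value) pairs.

    Assumed layout per grouping: DGI (2 bytes), length (1 byte, or 0xFF
    followed by a 2-byte length), value. Raises ValueError on truncation so a
    malformed command is rejected before anything is stored.
    """
    groupings = []
    pos = 0
    while pos < len(data):
        if len(data) - pos < 3:
            raise ValueError("truncated DGI/length header")
        dgi = int.from_bytes(data[pos:pos + 2], "big")
        length = data[pos + 2]
        pos += 3
        if length == 0xFF:
            if len(data) - pos < 2:
                raise ValueError("truncated 3-byte length")
            length = int.from_bytes(data[pos:pos + 2], "big")
            pos += 2
        if pos + length > len(data):
            raise ValueError("DGI %04X overruns the command data" % dgi)
        groupings.append((dgi, data[pos:pos + length]))
        pos += length
    return groupings


def grouping(dgi, value):
    """Encode one data grouping (data-preparation side of the same layout)."""
    if len(value) < 0xFF:
        length = bytes([len(value)])
    else:
        length = b"\xFF" + len(value).to_bytes(2, "big")
    return dgi.to_bytes(2, "big") + length + value


class PersonalizationSession:
    """Hypothetical application state during personalization."""

    def __init__(self, supported_dgis):
        self.supported = set(supported_dgis)
        self.stored = {}
        self.state = "personalizing"

    def store_data(self, p1, data):
        """Process one STORE DATA command and return SW1-SW2 as an int."""
        if self.state != "personalizing":
            raise RuntimeError("personalization phase has already ended")
        groupings = parse_data_groupings(data)  # parse all, then store
        unrecognized = False
        for dgi, value in groupings:            # order has no impact (2.6.2)
            if dgi in self.supported:
                self.stored[dgi] = value
            else:
                unrecognized = True             # ignore it, process the next
        if unrecognized:
            return SW_DGI_NOT_RECOGNIZED        # state stays "personalizing"
        if p1 & LAST_STORE_DATA:
            self.state = "personalized"
        return SW_OK


if __name__ == "__main__":
    # Constructed sample values; 0xA0FF stands for a DGI the card does not know.
    card = PersonalizationSession({0xA007, 0xA008, 0x0302})
    mixed = (grouping(0xA007, bytes.fromhex("FFFF00"))
             + grouping(0xA0FF, b"\x01")
             + grouping(0xA008, b"\x00\x03"))
    print("%04X" % card.store_data(0x00, mixed), card.state)
    print("%04X" % card.store_data(0x80, grouping(0x0302, bytes(32))), card.state)
```

The first command answers ‘6A88’ yet both recognized groupings are stored, which is why data preparation keeps doubtful DGIs in a STORE DATA of their own.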
2.6.4 M/Chip Advance Data Groupings
The M/Chip Advance data groupings are described in detail in the following chapters:
- Chapter 3 describes data groupings corresponding to records in files.
- Chapter 5 defines the contents of each DGI.
- Chapter 6 describes which data groupings are applicable to each M/Chip
  Advance profile and its supported options.
Some implementations of M/Chip Advance applications may require additional data
groupings to be personalized and may not require all the data groupings identified in
these specifications. However, these differences should be minimal.
3 Data Grouping Structures
3.1 Overview
3.2 Data Groupings Reserved for Record Values
3.3 Records and Data Grouping Identifiers
3.4 Files with SFI Between 1 and 10
3.5 Files with SFI between 11 and 20
3.6 Files with SFI between 21 and 30
3.7 Pre-allocation of Record Memory
3.1 Overview
This chapter explains the relationship between records and data groupings, specifies
the structure of data groupings for data stored in files with an SFI between 1 and 30,
and describes the need to pre-allocate memory to store the records.
3.2 Data Groupings Reserved for Record Values
Some data groupings are reserved for record values. They are identified with DGI in
the range ‘XXYY’ where:
- ‘01’ <= ‘XX’ <= ‘1E’ and
- ‘01’ <= ‘YY’ <= ‘FF’
‘XX’ represents the SFI where the record is stored. ‘YY’ represents the record
number.
Furthermore:
- ‘01’ <= ‘XX’ <= ‘0A’ represents files governed by EMV
- ‘0B’ <= ‘XX’ <= ‘14’ represents files governed by MasterCard
- ‘15’ <= ‘XX’ <= ‘1E’ represents files governed by the issuer
If the card does not support extended command data length, data preparation may split
any of these data groupings over more than one STORE DATA.
MasterCard does not mandate the file and record structure for the personalization of
these files.
3.3 Records and Data Grouping Identifiers
For EMV applications, the persistent data elements stored in files with an SFI
between 1 and 30, are stored in records and are retrievable with the READ RECORD
command. A record is always the value of a data grouping.
During personalization, the M/Chip Advance application receives a series of STORE
DATA commands corresponding to the record values and then stores the record
values in records. For EMV Card Personalization, the M/Chip Advance application
must have the permanent memory available to store such records, using one of the
following methods:
- The pre-allocation of the memory and file structure
- The allocation of the memory and file structure during personalization
3.4 Files with SFI Between 1 and 10
For EMV applications, the persistent data elements stored in files with an SFI
between 1 and 10 are stored in records following the ‘70’ template and are retrievable
with the EMV version 4.1 READ RECORD command.
The M/Chip Advance application, in both non-personalized and personalized states,
does not interpret the data elements stored in these records but instead interprets the
record itself (for example, for a personalized M/Chip Advance application, to build the
response message to the READ RECORD command).
Table 3-1 illustrates a possible organization of data elements for M/Chip
Advance for a contact-only profile with the RSA option. The issuer defines how the
data elements are organized and must be able to add proprietary data elements, in
addition to the data elements shown in this table.
Table 3-1—Example of EMV Record Organization
Data Group Identifier (DGI)   Tag      Data Element                                     Length of Data Element
‘0101’                        ‘57’     Track 2 Equivalent Data                          16
                              ‘5F28’   Issuer Country Code                              2
                              ‘5F20’   Cardholder Name                                  26
                              ‘9F0B’   Cardholder Name Extended                         30
                                       Total Record Length                              89
‘0201’                        ‘8F’     Certificate Authority Public Key Index           1
                              ‘90’     Issuer Public Key (IPK) Certificate              144
                              ‘92’     IPK Remainder                                    36
                                       Total Record Length                              191
‘0202’                        ‘9F32’   IPK Exponent                                     1
                              ‘9F2E’   ICC PIN Encipherment Public Key Exponent         1
                              ‘9F47’   ICC Public Key Exponent                          1
                              ‘93’     Signed Static Application Data                   144
                                       Total Record Length                              162
‘0203’                        ‘9F46’   ICC Public Key Certificate                       144
                              ‘9F48’   ICC Public Key Remainder                         42
                                       Total Record Length                              196
‘0204’                        ‘9F2D’   ICC PIN Encipherment Public Key Certificate      144
                              ‘9F2F’   ICC PIN Encipherment Public Key Remainder        42
                                       Total Record Length                              196
‘0301’                        ‘5F25’   Application Effective Date                       3
                              ‘5F24’   Application Expiration Date                      3
                              ‘9F07’   Application Usage Control                        2
                              ‘5A’     Application Primary Account Number (PAN)         12
                              ‘5F34’   Application PAN Sequence Number                  2
                              ‘8E’     Cardholder Verification Method (CVM) List        18
                              ‘9F0D’   Issuer Action Code (IAC) Default                 5
                              ‘9F0E’   IAC Denial                                       5
                              ‘9F0F’   IAC Online                                       5
                              ‘8C’     CDOL1                                            33
                              ‘8D’     CDOL2                                            12
                                       Total Record Length                              132
‘0302’                        ‘9F4A’   SDA Tag List                                     1
                              ‘9F49’   DDOL                                             4
                              ‘9F44’   Application Currency Exponent                    1
                              ‘9F42’   Application Currency Code                        2
                              ‘5F30’   Service Code                                     2
                              ‘9F08’   Application Version Number                       2
                                       Total Record Length                              32
Some data groupings are reserved for EMV record values. These data groupings are
identified with Data Grouping Identifiers (DGI) in the range ‘XXYY’
where:
- ‘01’ <= ‘XX’ <= ‘0A’ and
- ‘01’ <= ‘YY’ <= ‘FF’
There are therefore ten files in which EMV records can be stored. Each file may
contain up to 255 records. However, the M/Chip Advance application does not reach
these limits.
Either before or after the personalization of the M/Chip Advance application, the
following are determined:
- The files (that is, values for ‘XX’) used to store EMV values
- The records (that is, values for ‘YY’) used and the length reserved for each
  record
Some M/Chip Advance application implementations do not need to determine the
organization of data in records before personalization, as M/Chip Advance does not
require a file system and the applications can simulate the files and records
themselves.
Other implementations will need to determine the organization of data in records
before personalization. This is the case, for example, when a real file system is used
to store the records and when the file structure cannot be created by the applications.
The following requirements apply to the organization of these EMV records into files:
- An issuer may request 3072 bytes of memory to store EMV records for
  M/Chip Advance.
- An issuer may store these bytes in any file with an SFI between 1 and 10 (for
  example, in SFI 1 and 2, or in SFI 1, 3, 4 or in SFI 5, 6, 8, 9).
- An issuer may request each file to support any number of records, provided
  the total number of records is less than or equal to 16 (for example, two
  records in file 1, three records in file 2, etc.).
- An issuer may request records with a record length of up to 247 bytes.
In other words, allocation of the EMV data to files and records can be performed in
any file with an SFI between 1 and 10 and any record, provided that:
- The total memory for records needed does not exceed 3072 bytes for M/Chip
  Advance
- The total number of records does not exceed 16
- The length of records does not exceed 247 bytes (for records with an SFI
  between 1 and 10) including the tag ‘70’ and the length byte(s)
Implementations may support:
- More than 3072 bytes
- More than 16 records
- Records with a length greater than 247 bytes
Depending on the nature of an M/Chip Advance implementation, some
implementations will support the above requirements without the need to prepare the
card before personalization to meet an issuer’s data organization needs whilst other
implementations will need to be customized before personalization.
Although the maximum memory requirement for M/Chip Advance is 3072 bytes for EMV
files, different M/Chip Advance profiles may have lesser amounts. The EMV File
memory requirements for the different M/Chip Advance profiles are given in
Table 3-2.
Table 3-2—EMV File Memory Requirements
M/Chip Advance Profile            EMV File memory requirement (bytes)
Payment and Data Storage          3072
Payment with RSA                  3072
Payment with SDA                  2560
Contact only Payment with RSA     2048
Contact only Payment with SDA     1536
Table 3-3 provides an example of the organization of EMV records in files with an
SFI between 1 and 10. Each row corresponds to an SFI between 1 and 10. Each
column corresponds to a record number up to 16. Each entry represents the length
reserved for the record.
Table 3-3—Example of EMV Data Element Record Usage
                              Record Number
Short File Identifier (SFI)   ‘01’   ‘02’   ‘03’   ‘04’   …   ‘10’
‘01’                          89     0      0      0      …
‘02’                          191    162    196    196    …
‘03’                          132    32     0      0      …
…                             ...    …      …      …      …   …
‘0A’
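The DGI ranges of section 3.2, the allocation limits of section 3.4 and the per-profile budgets of Table 3-2, written as a check that data preparation could run on a record plan before personalization. This is an added example, not part of the specification; the function names and the plan format (DGI mapped to reserved record length) are assumptions, and the sample plan reuses the record lengths of Table 3-1.

```python
"""Check an EMV record plan against the section 3.4 limits (illustrative)."""

MAX_RECORDS = 16          # total records over all files with SFI 1..10
MAX_RECORD_LENGTH = 247   # bytes, including tag '70' and its length byte(s)

# Table 3-2: EMV file memory requirement per profile, in bytes.
EMV_FILE_MEMORY = {
    "Payment and Data Storage": 3072,
    "Payment with RSA": 3072,
    "Payment with SDA": 2560,
    "Contact only Payment with RSA": 2048,
    "Contact only Payment with SDA": 1536,
}

# Sample plan, DGI -> reserved record length, using the totals of Table 3-1.
TABLE_3_1_PLAN = {
    0x0101: 89, 0x0201: 191, 0x0202: 162, 0x0203: 196,
    0x0204: 196, 0x0301: 132, 0x0302: 32,
}


def record_dgi_owner(dgi):
    """Return (owner, sfi, record) for a record DGI 'XXYY', else None.

    'XX' is the SFI (01..1E) and 'YY' the record number (01..FF).
    """
    sfi, record = dgi >> 8, dgi & 0xFF
    if not (0x01 <= sfi <= 0x1E and 0x01 <= record <= 0xFF):
        return None
    if sfi <= 0x0A:
        owner = "EMV"
    elif sfi <= 0x14:
        owner = "MasterCard"
    else:
        owner = "issuer"
    return owner, sfi, record


def check_emv_record_plan(plan, profile):
    """Return a list of problems; an empty list means the plan fits.

    The limits are the ones every implementation has to honour on request;
    a given implementation may support more.
    """
    problems = []
    emv_lengths = []
    for dgi, length in sorted(plan.items()):
        info = record_dgi_owner(dgi)
        if info is None or info[0] != "EMV":
            problems.append("%04X: not a record in a file with SFI 1..10" % dgi)
            continue
        if not 0 < length <= MAX_RECORD_LENGTH:
            problems.append("%04X: record length %d outside 1..%d"
                            % (dgi, length, MAX_RECORD_LENGTH))
        emv_lengths.append(length)
    if len(emv_lengths) > MAX_RECORDS:
        problems.append("%d records requested, limit is %d"
                        % (len(emv_lengths), MAX_RECORDS))
    budget = EMV_FILE_MEMORY[profile]
    if sum(emv_lengths) > budget:
        problems.append("%d bytes requested, %s allows %d"
                        % (sum(emv_lengths), profile, budget))
    return problems


if __name__ == "__main__":
    profile = "Contact only Payment with RSA"
    print(sum(TABLE_3_1_PLAN.values()), "bytes in",
          len(TABLE_3_1_PLAN), "records")
    print(check_emv_record_plan(TABLE_3_1_PLAN, profile) or "plan fits")
```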
3.5 Files with SFI between 11 and 20
Some data groupings are reserved for MasterCard records. These data groupings are
identified with DGIs with a value of ‘XXYY’, where:
- ‘XX’ >= ‘0B’
- ‘XX’ <= ‘14’
Among those DGIs, ‘XX’ = ‘0B’ and ‘XX’ = ‘0E’ are defined for M/Chip Advance
applications. These DGIs represent records used to store the logs of transactions
(SFI = 11) and records used for Data Storage (SFI = 14). Depending on the product
profile and/or implementation, they may or may not need to be personalized.
M/Chip Advance applications do not have to support DGIs for records in other files
with an SFI between 11 and 20.
If Data Storage records are to be personalized, the following structure shall be used.
Table 3-4—Data Storage Record Structure
T      L                 V
'E5'   var. up to 205    T        L                 V
                         'DF01'   8                 Operator Identifier
                         'DF02'   1                 Digest Status
                         'DF03'   8                 Digest
                         'DF04'   1                 Slot Management Control
                         'DF05'   8                 Summary
                         'DF06'   var. up to 160    Operator Data Set Card
The M/Chip Advance implementation shall support the following requirements.
- There shall be at least 208 bytes of storage for each Data Storage record
  (known as a slot).
- The Data Storage File (SFI 14) shall contain records for at least 5 data slots (at
  least 1040 bytes). It is left to the implementation to extend the number of
  records in the Data Storage File.
- The number of records in the Data Storage File is stored in a data element
  called DS Number Of Slots.
3.6 Files with SFI between 21 and 30
Some data groupings are reserved for Issuer record values. These data groupings are
identified with DGIs with a value of ‘XXYY’, where:
- ‘XX’ >= ‘15’
- ‘XX’ <= ‘1E’
M/Chip Advance applications do not have to support these DGI values.
3.7 Pre-allocation of Record Memory
In some M/Chip Advance application implementations, the memory used to store
records must be pre-allocated before the application personalization.
The issuer (or the personalizer) and the application provider should therefore agree on
the files, records and record lengths required for the personalization. Table 3-5
provides information to support this process.
Table 3-5—Memory of Pre-allocation for Records
                              Record Number
Short File Identifier (SFI)   ‘01’                        ‘02’                        …   ‘YY’
‘01’                          Maximum length for ‘0101’   Maximum length for ‘0102’   …   Maximum length for ‘01YY’
…                             ...                         …                           …   …
‘XX’                          Maximum length for ‘XX01’   Maximum length for ‘XX02’       Maximum length for ‘XXYY’
4 RSA Key Formats and Data Grouping Encryption
4.1 Overview
4.2 Form 1
4.3 Form 2
4.4 Encrypted Data Groupings
4.1 Overview
This chapter explains the possible key formats used for RSA keys, and provides
information concerning the encryption of data grouping.
4.2 Form 1
According to RSA, S = m^d mod n, where m is the data to be signed or decrypted, n is
the card key modulus and d is the card private key exponent. The modulus, n, is
created as the product of two prime numbers, p and q. Table 4-6 provides the cross
reference between the mathematical variable and the data element name.
Table 4-6—Cross Reference between Mathematical Variable and Data Element
Data Element                                                              Variable
ICC Private Key Exponent or ICC PIN Encipherment Private Key              d
ICC Private Key Modulus or ICC PIN Encipherment Private Key Modulus       n
As the data for data elements in Table 4-6 are ECB-encrypted in their data grouping,
they must be padded. Refer to the EMV Card Personalization Specification for a
definition of the padding rules.
4.3 Form 2
The secret key is personalized by its CRT components. According to RSA,
S = m^d mod n, where m is the data to be signed or decrypted, n is the card key
modulus and d is the card private key exponent. The modulus, n, is created as the
product of two prime numbers, p and q. Table 4-7 provides the cross reference
between the mathematical names and the data.
Table 4-7—Cross Reference between Mathematical Variable and Data Element
Name Given in This Document      Variable
CRT constant q^-1 mod p          q^-1 mod p
CRT constant d mod (q - 1)       d mod (q - 1)
CRT constant d mod (p - 1)       d mod (p - 1)
CRT constant prime factor q      q
CRT constant prime factor p      p
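The Form 2 components of Table 4-7 derived from p, q and d, with a consistency check against the public key and a CRT signature compared with S = m^d mod n. This is an added example rather than code from the specification; the function names are hypothetical, and the small primes are constructed for readability and provide no security.

```python
"""RSA Form 2 (CRT) components as named in Table 4-7 (illustrative)."""

# Constructed toy key: p and q are far too small for any real use.
P, Q, E, D = 61, 53, 17, 2753
N = P * Q


def crt_components(p, q, d):
    """Derive the five Form 2 values, using the q^-1 mod p convention."""
    return {
        "q^-1 mod p": pow(q, -1, p),     # modular inverse (Python 3.8+)
        "d mod (q-1)": d % (q - 1),
        "d mod (p-1)": d % (p - 1),
        "q": q,
        "p": p,
    }


def check_components(c, n, e):
    """Return a list of inconsistencies between the components and (n, e).

    Catches, for example, a coefficient computed as p^-1 mod q, which is a
    different convention from the q^-1 mod p one of Table 4-7.
    """
    p, q = c["p"], c["q"]
    problems = []
    if p * q != n:
        problems.append("p * q does not equal the modulus")
    if (c["q^-1 mod p"] * q) % p != 1:
        problems.append("coefficient is not q^-1 mod p")
    if (e * c["d mod (p-1)"]) % (p - 1) != 1:
        problems.append("d mod (p-1) does not match the public exponent")
    if (e * c["d mod (q-1)"]) % (q - 1) != 1:
        problems.append("d mod (q-1) does not match the public exponent")
    return problems


def sign_crt(m, c):
    """Compute S = m^d mod n from the CRT components only."""
    p, q = c["p"], c["q"]
    s_p = pow(m % p, c["d mod (p-1)"], p)
    s_q = pow(m % q, c["d mod (q-1)"], q)
    # Recombine: S = s_q + q * ((q^-1 * (s_p - s_q)) mod p).
    # Python's % returns a non-negative result even when s_p < s_q.
    h = (c["q^-1 mod p"] * (s_p - s_q)) % p
    return s_q + q * h


if __name__ == "__main__":
    comps = crt_components(P, Q, D)
    print(comps)
    print(check_components(comps, N, E) or "components consistent")
    print(sign_crt(65, comps) == pow(65, D, N))
```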
4.4 Encrypted Data Groupings
Some data groupings described in the following sections contain data that is always
ECB-encrypted. They are identified with —encrypted following the DGI. The other
data groupings may not be ECB-encrypted.
With the exception of the DES keys and the PIN Block, all encrypted data must be
padded. Refer to the EMV Card Personalization Specification for a definition of the
padding rules.
5 DGI Definitions
5.1 Data Grouping Indicators ‘0B01’ to ‘0BFF’
5.2 Data Grouping Indicators ‘0E01’ to ‘0EFF’
5.3 Data Grouping Indicator ‘A001’
5.4 Data Grouping Indicator ‘A002’
5.5 Data Grouping Indicator ‘A012’
5.6 Data Grouping Indicator ‘A022’
5.7 Data Grouping Indicator ‘B010’
5.8 Data Grouping Indicator ‘B023’
5.9 Data Grouping Indicator ‘B002’
5.10 Data Grouping Indicator ‘A004’
5.11 Data Grouping Indicator ‘A005’
5.12 Data Grouping Indicator ‘B005’
5.13 Data Grouping Indicator ‘B104’
5.14 Data Grouping Indicator ‘A007’
5.15 Data Grouping Indicator ‘A017’
5.16 Data Grouping Indicator ‘A027’
5.17 Data Grouping Indicator ‘A008’
5.18 Data Grouping Indicator ‘A009’
5.19 Data Grouping Indicator ‘A00A’
5.20 Data Grouping Indicator ‘A00B’
5.21 Data Grouping Indicator ‘A00E’
5.22 Data Grouping Indicator ‘B011’ to ‘B015’
5.23 Data Grouping Indicator ‘B016’ to ‘B01A’
5.24 Data Grouping Indicator ‘8000’—encrypted
5.25 Data Grouping Indicator ‘8001’—encrypted
5.26 Data Grouping Indicator ‘A006’—encrypted
5.27 Data Grouping Indicator ‘A016’—encrypted
5.28 Data Grouping Indicator ‘8101’—encrypted
5.29 Data Grouping Indicator ‘8103’—encrypted
5.30 Data Grouping Indicator ‘8201’—encrypted
5.31 Data Grouping Indicator ‘8202’—encrypted
5.32 Data Grouping Indicator ‘8203’—encrypted
5.33 Data Grouping Indicator ‘8204’—encrypted
5.34 Data Grouping Indicator ‘8205’—encrypted
5.35 Data Grouping Indicator ‘8102’—encrypted
5.36 Data Grouping Indicator ‘8104’—encrypted
5.37 Data Grouping Indicator ‘8301’—encrypted
5.38 Data Grouping Indicator ‘8302’—encrypted
5.39 Data Grouping Indicator ‘8303’—encrypted
5.40 Data Grouping Indicator ‘8304’—encrypted
5.41 Data Grouping Indicator ‘8305’—encrypted
5.42 Data Grouping Indicator ‘8010’—encrypted
5.43 Data Grouping Indicator ‘8400’—encrypted
5.44 Data Grouping Indicator ‘8401’—encrypted
5.45 Data Grouping Indicator ‘9102’
5.46 Data Grouping Indicator ‘9010’
5.47 Data Grouping Indicator ‘9000’
5.48 Data Grouping Indicator ‘A200’
5.49 Data Grouping Indicator ‘A201’
5.1 Data Grouping Indicators ‘0B01’ to ‘0BFF’
Data Element Length
Log of the Current Transaction x (x = 1..10 or more) 76
5.2 Data Grouping Indicators ‘0E01’ to ‘0EFF’
Data Element Length
Data Storage record x (x = 1..5 or more) 208
5.3 Data Grouping Indicator ‘A001’
Data Element Length
FCI [10, 128]
This data grouping is only supported when DGI ‘9102’ defined in the EMV Card
Personalization Specification is not supported. The difference between this data
grouping and ‘9102’ is:
- For ‘A001’, the whole FCI is personalized, that is, the value starts with
  ‘6F…’.
- For ‘9102’, only the FCI proprietary template is personalized, that is, the value
  starts with ‘A5…’.
If this DGI is supported, as a minimum any FCI with length in [10, 128] can be used.
5.4 Data Grouping Indicator ‘A002’
Data Element Length
Accumulator 1 Currency Code 2
Accumulator 1 Currency Conversion Table 25
Accumulator 1 Lower Limit 6
Accumulator 1 Upper Limit 6
Accumulator 2 Currency Code 2
Accumulator 2 Currency Conversion Table 25
Accumulator 2 Lower Limit 6
Accumulator 2 Upper Limit 6
Additional Check Table 18
CDOL1 Related Data Length 1
Counter 1 Lower Limit 1
Counter 1 Upper Limit 1
Counter 2 Lower Limit 1
Counter 2 Upper Limit 1
CRM Country Code 2
Cryptogram Version Number V2.x 1
Default ARPC Response Code 2
Interface Enabling Switch 1
MTA Currency Code 2
Number Of Days Off Line Limit 2
5.5 Data Grouping Indicator ‘A012’
Data Element Length
Accumulator 1 Control (Contact) 1
Accumulator 1 CVR Dependency Data (Contact) 3
Accumulator 2 Control (Contact) 1
Accumulator 2 CVR Dependency Data (Contact) 3
Application Control (Contact) 6
Card Issuer Action Code (Contact) – Decline 3
Card Issuer Action Code (Contact) – Default 3
Card Issuer Action Code (Contact) – Online 3
Counter 1 Control (Contact) 1
Counter 1 CVR Dependency Data (Contact) 3
Counter 2 Control (Contact) 1
Counter 2 CVR Dependency Data (Contact) 3
CVR Issuer Discretionary Data (Contact) 1
Interface Identifier (Contact) 1
MTA CVM (Contact) 6
MTA NoCVM (Contact) 6
Read Record Filter (Contact) Var.
5.6 Data Grouping Indicator ‘A022’
Data Element Length
Accumulator 1 Control (Contactless) 1
Accumulator 1 CVR Dependency Data (Contactless) 3
Accumulator 2 Control (Contactless) 1
Accumulator 2 CVR Dependency Data (Contactless) 3
Application Control (Contactless) 6
Card Issuer Action Code (Contactless) – Decline 3
Card Issuer Action Code (Contactless) – Default 3
Card Issuer Action Code (Contactless) – Online 3
Counter 1 Control (Contactless) 1
Counter 1 CVR Dependency Data (Contactless) 3
Counter 2 Control (Contactless) 1
Counter 2 CVR Dependency Data (Contactless) 3
CVR Issuer Discretionary Data (Contactless) 1
Interface Identifier (Contactless) 1
MTA CVM (Contactless) 6
MTA NoCVM (Contactless) 6
Read Record Filter (Contactless) Var.
5.7 Data Grouping Indicator ‘B010’
Data Element Length
IVCVC3(Track1) (Contact) 2
IVCVC3(Track2) (Contact) 2
5.8 Data Grouping Indicator ‘B023’
Data Element Length
IVCVC3(Track1) (Contactless) 2
IVCVC3(Track2) (Contactless) 2
5.9 Data Grouping Indicator ‘B002’
Data Element Length
Log Data Table 9
Log Format Var.
5.10 Data Grouping Indicator ‘A004’
Data Element Length
Length Of ICC Public Key Modulus 1
Length Of ICC PIN Encipherment Public Key Modulus 1
5.11 Data Grouping Indicator ‘A005’
Data Element Length
Application Interchange Profile (Contact) 2
Application File Locator (Contact) Var.
The length of the Application File Locator (Contact) varies according to the
organization of data elements in records. It must have a memory space allocation of
at least 32 bytes.
This DGI is only supported when DGI ‘9104’ defined in the EMV Card
Personalization Specification is not supported. The differences between this data
grouping and ‘9104’ are:
- For ‘A005’, only values of the Application Interchange Profile (Contact) and
  the Application File Locator (Contact) are personalized, without TLV-coding.
- For ‘9104’, the values of the Application Interchange Profile (Contact) and
  the Application File Locator (Contact) are TLV-coded.
5.12 Data Grouping Indicator ‘B005’
Data Element Length
Application Interchange Profile (Contactless) 2
Application File Locator (Contactless) Var.
The length of the Application File Locator (Contactless) varies according to the
organization of data elements in records. It must have a memory space allocation of
at least 32 bytes.
This DGI is only supported when DGI ‘B104’ is not supported. The differences
between this data grouping and ‘B104’ are:
- For ‘B005’, only values of the Application Interchange Profile (Contactless)
  and the Application File Locator (Contactless) are personalized, without
  TLV-coding.
- For ‘B104’, the values of the Application Interchange Profile (Contactless)
  and the Application File Locator (Contactless) are TLV-coded.
5.13 Data Grouping Indicator ‘B104’
Data Element Length
Application Interchange Profile (Contactless) 2
Application File Locator (Contactless) Var.
The length of the Application File Locator (Contactless) varies according to the
organization of data elements in records. It must have a memory space allocation of
at least 32 bytes.
This DGI is only supported when DGI ‘B005’ is not supported. The differences
between this data grouping and ‘B005’ are:
- For ‘B005’, only values of the Application Interchange Profile (Contactless)
  and the Application File Locator (Contactless) are personalized, without
  TLV-coding.
- For ‘B104’, the values of the Application Interchange Profile (Contactless)
  and the Application File Locator (Contactless) are TLV-coded.
5.14 Data Grouping Indicator ‘A007’
Data Element Length
Application Transaction Counter Limit 2
Previous Transaction History 1
5.15 Data Grouping Indicator ‘A017’
Data Element Length
AC Session Key Counter Limit (Contact) 2
Key Derivation Index (Contact) 1
SMI Session Key Counter Limit (Contact) 2
5.16 Data Grouping Indicator ‘A027’
Data Element Length
AC Session Key Counter Limit (Contactless) 2
Key Derivation Index (Contactless) 1
SMI Session Key Counter Limit (Contactless) 2
5.17 Data Grouping Indicator ‘A008’
Data Element Length
PIN Decipherments Error Counter Limit 2
5.18 Data Grouping Indicator ‘A009’
Data Element Length
Application Life Cycle Data Var., up to 48 bytes
Due to the possible separation between the loading of the application code and the
personalization data on the hardware, only part of the Application Life Cycle Data
may be personalized.
5.19 Data Grouping Indicator ‘A00A’
This data grouping contains all data not identified in other data groupings, which may
be personalized to ‘00...00’. The contents of this DGI will always contain values of
zero, but length may change depending on the M/Chip Advance implementation,
profile and options required. Data elements may be omitted from this DGI because of
the following:
- It is not required for the profile.
- It is not required because of the options selected.
- It is required but the application initializes it to zero, and therefore, it is not
  necessary to personalize it.
The following data elements are not required for Contact-only profiles:
- AC Session Key Counter (Contactless)
- Security Limits Status (Contactless)
- SMI Session Key Counter (Contactless)
The following data elements are not required for SDA only profiles:
- Hash Result (Recovery)
- PIN Decipherments Error Counter
- Security Limits Status Common
- Security Limits Status (Contactless)
- Security Limits Status (Contact)
Data Element Length
Accumulator 1 Amount 6
Accumulator 2 Amount 6
Application Transaction Counter 2
Counter 1 Number 1
Counter 2 Number 1
Last Online ATC 2
Last Online Transaction Date 2
PIN Decipherments Error Counter 2
Script Counter 1
Security Limits Status Common 1
Application Transaction Counter (Recovery) 2
Cryptogram Information Data (Recovery) 1
Hash Result (Recovery) 20
Unpredictable Number (Recovery) 4
AC Session Key Counter (Contact) 2
Security Limits Status (Contact) 1
SMI Session Key Counter (Contact) 2
AC Session Key Counter (Contactless) 2
Security Limits Status (Contactless) 1
SMI Session Key Counter (Contactless) 2
5.20 Data Grouping Indicator ‘A00B’
Data Element Length
AID Var. 5 to 32
5.21 Data Grouping Indicator ‘A00E’
Data Element Length
DS management Control 1
DS Number Of Slots 1
DSPK 12
5.22 Data Grouping Indicator ‘B011’ to ‘B015’
Data Element Length
Protected Data Envelope x (x = 1 to 5) Var.
5.23 Data Grouping Indicator ‘B016’ to ‘B01A’
Data Element Length
Unprotected Data Envelope x (x = 1 to 5) Var.
5.24 Data Grouping Indicator ‘8000’—encrypted
Refer to the EMV Card Personalization Specification for a definition of this data
grouping. In accordance with M/Chip Advance terminology, it contains the following
data elements:
Data Element Length
AC Master Key (Contact) 16
SMI Master Key (Contact) 16
SMC Master Key (Contact) 16
5.25 Data Grouping Indicator ‘8001’—encrypted
Data Element Length
AC Master Key (Contactless) 16
SMI Master Key (Contactless) 16
SMC Master Key (Contactless) 16
5.26 Data Grouping Indicator ‘A006’—encrypted
Data Element Length
ICC Dynamic Number Master Key (Contact) 16
5.27 Data Grouping Indicator ‘A016’—encrypted
Data Element Length
ICC Dynamic Number Master Key (Contactless) 16
5.28 Data Grouping Indicator ‘8101’—encrypted
Refer to the EMV Card Personalization Specification for a definition of this data
grouping. In accordance with M/Chip Advance terminology, it contains the following
data element:
Data Element Length
ICC Private Key Exponent Var., 8-byte multiple
5.29 Data Grouping Indicator ‘8103’—encrypted
Refer to the EMV Card Personalization Specification for a definition of this data
grouping. In accordance with M/Chip Advance terminology, it contains the following
data element:
Data Element Length
ICC Private Key Modulus Var., 8-byte multiple
5.30 Data Grouping Indicator ‘8201’—encrypted
DGI '8201' is encrypted with SKUDEK. The q⁻¹ mod p is the default convention to be
used to generate the values for DGIs containing the CRT components for the
application. See [EMV CPS].
Data Element Length
ICC Private Key CRT constant q⁻¹ mod p Var., 8-byte multiple
5.31 Data Grouping Indicator ‘8202’—encrypted
DGI '8202' is encrypted with SKUDEK. The q⁻¹ mod p is the default convention to be
used to generate the values for DGIs containing the CRT components for the
application. See [EMV CPS].
Data Element Length
ICC Private Key CRT constant d mod (q – 1) Var., 8-byte multiple
5.32 Data Grouping Indicator ‘8203’—encrypted
DGI '8203' is encrypted with SKUDEK. The q⁻¹ mod p is the default convention to be
used to generate the values for DGIs containing the CRT components for the
application. See [EMV CPS].
Data Element Length
ICC Private Key CRT constant d mod (p – 1) Var., 8-byte multiple
5.33 Data Grouping Indicator ‘8204’—encrypted
DGI '8204' is encrypted with SKUDEK. The q⁻¹ mod p is the default convention to be
used to generate the values for DGIs containing the CRT components for the
application. See [EMV CPS].
Data Element Length
ICC Private Key CRT constant prime factor q Var., 8-byte multiple
5.34 Data Grouping Indicator ‘8205’—encrypted
DGI '8205' is encrypted with SKUDEK. The q⁻¹ mod p is the default convention to be
used to generate the values for DGIs containing the CRT components for the
application. See [EMV CPS].
Data Element Length
ICC Private Key CRT constant prime factor p Var., 8-byte multiple
5.35 Data Grouping Indicator ‘8102’—encrypted
Refer to the EMV Card Personalization Specification for a definition of this data
grouping. In accordance with M/Chip Advance terminology, it contains the following
data element:
Data Element Length
ICC PIN Encipherment Private Key Exponent Var., 8-byte multiple
5.36 Data Grouping Indicator ‘8104’—encrypted
Refer to the EMV Card Personalization Specification for a definition of this data
grouping. In accordance with M/Chip Advance terminology, it contains the following
data element:
Data Element Length
ICC PIN Encipherment Private Key Modulus Var., 8-byte multiple
5.37 Data Grouping Indicator ‘8301’—encrypted
DGI '8301' is encrypted with SKUDEK. The q⁻¹ mod p is the default convention to be
used to generate the values for DGIs containing the CRT components for the
application. See [EMV CPS].
Data Element Length
ICC PIN Encipherment Private Key CRT constant q⁻¹ mod p Var., 8-byte multiple
5.38 Data Grouping Indicator ‘8302’—encrypted
DGI '8302' is encrypted with SKUDEK. The q⁻¹ mod p is the default convention to be
used to generate the values for DGIs containing the CRT components for the
application. See [EMV CPS].
Data Element Length
ICC PIN Encipherment Private Key CRT constant d mod (q – 1) Var., 8-byte multiple
5.39 Data Grouping Indicator ‘8303’—encrypted
DGI '8303' is encrypted with SKUDEK. The q⁻¹ mod p is the default convention to be
used to generate the values for DGIs containing the CRT components for the
application. See [EMV CPS].
Data Element Length
ICC PIN Encipherment Private Key CRT constant d mod (p – 1) Var., 8-byte multiple
5.40 Data Grouping Indicator ‘8304’—encrypted
DGI '8304' is encrypted with SKUDEK. The q⁻¹ mod p is the default convention to be
used to generate the values for DGIs containing the CRT components for the
application. See [EMV CPS].
Data Element Length
ICC PIN Encipherment Private Key CRT constant prime factor q Var., 8-byte multiple
5.41 Data Grouping Indicator ‘8305’—encrypted
DGI '8305' is encrypted with SKUDEK. The q⁻¹ mod p is the default convention to be
used to generate the values for DGIs containing the CRT components for the
application. See [EMV CPS].
Data Element Length
ICC PIN Encipherment Private Key CRT constant prime factor p Var., 8-byte multiple
5.42 Data Grouping Indicator ‘8010’—encrypted
Refer to the EMV Card Personalization Specification for a definition of this data
grouping. It contains the following data element:
Data Element Length
Reference PIN (in Format 1) 8
The Reference PIN (in Format 1) data element follows ISO 9564-1 format 1. This
format is not the EMV format used by the application when personalized.
During personalization, the M/Chip Advance application converts the Reference PIN
in Format 1 into the Reference PIN specified in the [MCA] (that is, into the EMV
format) before storing it in permanent memory.
5.43 Data Grouping Indicator ‘8400’—encrypted
Data Element Length
KDCVC3 (Contact) 16
5.44 Data Grouping Indicator ‘8401’—encrypted
Data Element Length
KDCVC3 (Contactless) 16
5.45 Data Grouping Indicator ‘9102’
Refer to the EMV Card Personalization Specification for a definition of this data
grouping.
It is only supported when DGI ‘A001’ is not supported.
5.46 Data Grouping Indicator ‘9010’
Refer to the EMV Card Personalization Specification for a definition of this data
grouping. In accordance with M/Chip Advance terminology, it contains the following
data elements:
Data Element Length
PIN Try Counter 1
PIN Try Limit 1
5.47 Data Grouping Indicator ‘9000’
Refer to the EMV Card Personalization Specification for a definition of this data
grouping.
The application developer may optionally support this data grouping.
5.48 Data Grouping Indicator ‘A200’
Some implementations verify the correctness of an RSA signature before sending it to
the terminal. The following data grouping may be used to personalize the ICC Public
Key Modulus:
Data Element Length
ICC Public Key Modulus Var., 8-byte multiple
5.49 Data Grouping Indicator ‘A201’
Some implementations verify the correctness of an RSA signature before sending it to
the terminal. The following data grouping may be used to personalize the ICC Public
Key Exponent:
Data Element Length
ICC Public Key Exponent Var.
Only the values ‘03’ and ‘010001’ are supported in EMV, therefore the length of the
ICC Public Key Exponent is in practice 1 or 3 bytes.
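The following added example (not part of the specification) works through the q⁻¹ mod p convention used for DGIs '8201' to '8205' and the verify-before-send check that DGIs 'A200' and 'A201' support. The primes are constructed toy values, and the function names and the raw, unformatted RSA operation are assumptions made for illustration.

```python
# Constructed toy key: two Mersenne primes, far too small for real use.
P = 2**127 - 1            # prime factor p -> DGI '8205'
Q = 2**61 - 1             # prime factor q -> DGI '8204'
EMV_EXPONENTS = (0x03, 0x010001)


def crt_components(p: int, q: int, e: int) -> dict:
    """Derive the values of DGIs '8201' to '8205' (q^-1 mod p convention)."""
    if e not in EMV_EXPONENTS:
        raise ValueError("EMV supports only the exponents 03 and 010001")
    d = pow(e, -1, (p - 1) * (q - 1))   # raises ValueError if e is not invertible
    return {
        0x8201: pow(q, -1, p),          # q^-1 mod p, not p^-1 mod q
        0x8202: d % (q - 1),
        0x8203: d % (p - 1),
        0x8204: q,
        0x8205: p,
    }


def check_crt(comps: dict, e: int) -> list:
    """Return the DGIs whose value is inconsistent with p, q and e."""
    p, q = comps[0x8205], comps[0x8204]
    checks = {
        0x8201: comps[0x8201] * q % p == 1,
        0x8202: e * comps[0x8202] % (q - 1) == 1,
        0x8203: e * comps[0x8203] % (p - 1) == 1,
    }
    return [dgi for dgi, ok in checks.items() if not ok]


def sign_checked(m: int, comps: dict, e: int):
    """Raw RSA-CRT signature of integer m, released only if it verifies.

    No EMV signature formatting is applied; m must be smaller than p * q.
    """
    p, q = comps[0x8205], comps[0x8204]
    m1 = pow(m, comps[0x8203], p)
    m2 = pow(m, comps[0x8202], q)
    h = comps[0x8201] * (m1 - m2) % p   # recombination relies on q^-1 mod p
    sig = m2 + h * q
    # Public-key check using the modulus and exponent ('A200', 'A201').
    return sig if pow(sig, e, p * q) == m else None


M = int.from_bytes(b"constructed input", "big")   # sample message
```

A data preparation system that used the opposite convention (p⁻¹ mod q) in DGI '8201' is caught by `check_crt`, and a card that performs the public-key check returns no signature instead of a wrong one.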
6 Profile Data Groupings
6.1 Conditional Data Groupings
6.2 Data Grouping for Each M/Chip Advance Profile
6.1 Conditional Data Groupings
Some data groupings described in this chapter are conditional. Table 6-1 shows the
notation used to represent each condition and gives descriptions of the conditions.
Table 6-1—Explanation of Data Grouping Conditions
Condition Description
ICCModExp ICC Private Key is personalized, as described in the “Form 1”
section.
ICCCRT ICC Private Key is personalized, as described in the “Form 2”
section.
PINModExp ICC PIN Encipherment Private Key is used and personalized, as
described in the “Form 1” section.
PINCRT ICC PIN Encipherment Private Key is used and personalized, as
described in the “Form 2” section.
LifeCycle Application Life Cycle Data is supported by the application
provider.
The part of the Application Life Cycle Data that needs to be
personalized is implementation-specific.
The use of Key Check Values is optional.
Init The data elements may be personalized or may be initialized
without personalization.
Calc The data may be personalized individually or may be calculated by
the application during the personalization of other data.
Zero This data grouping gathers data elements which may be
personalized to ‘00…00’ value, or may be initialized to ‘00...00’
value without personalization.
AltEMV The EMV Card Personalization Specification identifies a data
grouping for these data elements. However, this specification
provides an optional data grouping that can be used instead of the
EMV data grouping. The application provider may choose the most
appropriate solution for the implementation.
NoTLV The application provider may choose to provide data without TLV
encoding.
TLV The application provider may choose to provide data with TLV
encoding.
RSA RSA is supported.
CCC The Calculate Cryptograph Checksum command is supported.
Log Transaction logging is supported.
NotUsed The data grouping is not supported
6.2 Data Grouping for Each M/Chip Advance Profile
Table 6-2 defines which data groupings are to be used for each of the three M/Chip
Advance profiles:
MCADS M/Chip Advance Payment and Data Storage Application
MCADP M/Chip Advance Payment Application
MCADP-C M/Chip Advance Payment Contact Only Application
Note that where more than one conditional term is used, all apply to the DGI in
question. Also, where the entry for a data grouping is blank for a given profile, the
DGI is supported by that profile.
Table 6-2—Data Groupings for Each Profile
DGI MCADS MCADP MCADP-C
‘0B01’ to ‘0BFF’ Init Init Init
Log
‘0E01’ to ‘0EFF’ Init NotUsed NotUsed
‘A001’ AltEMV AltEMV AltEMV
‘A002’
‘A012’
‘A022’ NotUsed
‘B010’ CCC
‘B023’ NotUsed
‘B002’ Log
‘A004’ Calc Calc
RSA
Calc
RSA
‘A005’ AltEMV AltEMV AltEMV
‘B005’ NoTLV NoTLV NotUsed
‘B104’ TLV TLV NotUsed
‘A007’
‘A017’
‘A027’ NotUsed
‘A008’ RSA RSA
‘A009’ LifeCycle LifeCycle LifeCycle
‘A00A’ Zero Zero Zero
‘A00B’
‘A00E’ NotUsed NotUsed
‘B011’ to ‘B015’ Init NotUsed NotUsed
‘B016’ to ‘B01A’ Init NotUsed NotUsed
‘8000’
‘8001’ NotUsed
‘A006’ RSA RSA
‘A016’ RSA NotUsed
‘8101’ ICCModExp ICCModExp
RSA
ICCModExp
RSA
‘8103’ ICCModExp ICCModExp
RSA
ICCModExp
RSA
‘8201’ ICCCRT ICCCRT
RSA
ICCCRT
RSA
‘8202’ ICCCRT ICCCRT
RSA
ICCCRT
RSA
‘8203’ ICCCRT ICCCRT
RSA
ICCCRT
RSA
‘8204’ ICCCRT ICCCRT
RSA
ICCCRT
RSA
‘8205’ ICCCRT ICCCRT
RSA
ICCCRT
RSA
‘8102’ PINModExp PINModExp
RSA
PINModExp
RSA
‘8104’ PINModExp PINModExp
RSA
PINModExp
RSA
‘8301’ PINCRT PINCRT
RSA
PINCRT
RSA
‘8302’ PINCRT PINCRT
RSA
PINCRT
RSA
‘8303’ PINCRT PINCRT
RSA
PINCRT
RSA
‘8304’ PINCRT PINCRT
RSA
PINCRT
RSA
‘8305’ PINCRT PINCRT
RSA
PINCRT
RSA
‘8010’
‘8400’ CCC
‘8401’ NotUsed
‘9102’ AltEMV AltEMV AltEMV
‘9010’
‘9000’ LifeCycle LifeCycle LifeCycle
‘A200’ RSA RSA
‘A201’ RSA RSA
7 Data Preparation
7.1 Overview
7.2 Records
7.3 Data Groupings
7.4 Data Grouping Order
7.5 Grouped Data Groupings
7.6 Version Control
7.7 ENC Field
7.1 Overview
This section describes the different aspects of data preparation for the M/Chip
Advance application, in accordance with the EMV Card Personalization Specification.
It covers the data preparation of:
Records, with SFI between 1 and 30 and corresponding DGI
Data groupings, including how they may be ordered and grouped
Version control
The ENC field
7.2 Records
The persistent data elements stored in files with an SFI between 1 and 30 are stored in
records and are retrievable with the READ RECORD command. MasterCard does
not mandate the file and record structure for the personalization of those files.
During personalization, the M/Chip Advance application receives a series of STORE
DATA commands corresponding to the record, and stores the record values in
records. For EMV Card Personalization, the M/Chip Advance application must have
the permanent memory available to store such records, using one of the following
methods:
Pre-allocation of the memory and file structure
Allocation of the memory and file structure during personalization
Some data groupings are reserved for record values. These data groupings are
identified with DGIs in the range ‘XXYY’, where:
‘01’ ≤ ‘XX’ ≤ ‘1E’, and
‘01’ ≤ ‘YY’ ≤ ‘FF’
‘XX’ represents the SFI where the record is stored. ‘YY’ represents the record
number.
If the permanent memory and file structure are pre-allocated, the files and records that
will store the data must be present in the card before personalization of the M/Chip
Advance application. In this case, the pre-personalizer, the issuer, and the Data
Preparation bureau must ensure that the M/Chip Advance application is able to accept
the STORE DATA command corresponding to the personalization of the records
when the application is personalized.
If the permanent memory and the file structure are not pre-allocated, the M/Chip
Advance application creates the files and records when the STORE DATA command
is processed and there is no need for additional pre-personalization.
Refer to Chapter 3 for further information on the card capabilities reserved for those
records.
7.3 Data Groupings
There are a limited number of implementation options that have an impact on the data
groupings requiring personalization. For example, the length of the data grouping
with DGI ‘A00A’ is implementation-dependent. However, the value to be prepared
for this data grouping is always ‘00…00’.
The data preparation system must be aware of the following:
The options chosen for the target card
Proprietary data groupings needed for the target card, when the application
developer has added these
Some implementations of M/Chip Advance require the personalization of the ICC
Public Key Modulus and the ICC Public Key Exponent. Data groupings ‘A200’ and
‘A201’ might be used to personalize the data. However, usage of these DGIs is not
mandatory. It is recommended that data preparation systems:
Support these two DGIs, so that the ICC Public Key Modulus and the ICC
Public Key Exponent can be personalized if supported by the implementation,
and
Can be easily customized to use other DGIs to personalize the same data, so
that implementations using other DGIs could be easily supported.
7.4 Data Grouping Order
MasterCard recommends that application developers allow data groupings to be sent
to the M/Chip Advance application in any order. However, in some implementations
there may be constraints on the way in which the data groupings are ordered.
The application developer and the data preparation bureau must ensure that any such
implementation-specific constraints are respected.
7.5 Grouped Data Groupings
MasterCard recommends that application developers support any grouping of data
groupings, with the exception of data groupings identified in the VERCNTL field.
However, in some implementations there may be constraints on how data groupings
are grouped.
The application developer and the data preparation bureau must ensure that any such
implementation-specific constraints are respected.
Groups leading to the longest STORE DATA command supported by the target card
optimize the personalization.
All M/Chip Advance applications compliant with this specification must support one
of the following:
Extended command data length for the STORE DATA
Data grouping data spanning several STORE DATA commands, as specified
in the EMV Card Personalization Specification. In this case, the M/Chip
Advance application must accept a STORE DATA command containing up to
255 bytes of data (that is, Lc = 255) and data groupings may be split over
more than one STORE DATA command.
7.6 Version Control
When the M/Chip Advance application receives a data grouping that it does not
recognize (that is, the DGI is not supported by the application), it ignores it and
continues to process the next data grouping.
If a data grouping may not be recognized by certain versions of the M/Chip Advance
application to be personalized, it must be identified in the VERCNTL field. Such a
data grouping must not be grouped with other data groupings in a single STORE
DATA command.
7.7 ENC Field
Refer to Chapter 5 for the data groupings that must be ECB-encrypted. These data
groupings may be optionally grouped in a single STORE DATA command.
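The grouping rules of sections 7.2 and 7.5 to 7.7 can be combined into a planner such as the following, an added example that is not part of the specification. The DGI length coding (1 byte, or 'FF' followed by 2 bytes) is taken from the EMV Card Personalization Specification; keeping encrypted and clear data groupings in separate commands, the class and function names, and the sample data are assumptions.

```python
from dataclasses import dataclass

MAX_LC = 255  # STORE DATA payload limit when extended length is not used (7.5)


@dataclass(frozen=True)
class Dgi:
    dgi: int                  # two-byte identifier, e.g. 0x8000
    data: bytes
    encrypted: bool = False   # named in the ENC field (7.7)
    vercntl: bool = False     # named in the VERCNTL field (7.6)

    def encode(self) -> bytes:
        # EMV CPS layout: DGI (2 bytes), length (1 byte, or 'FF' + 2 bytes), data
        n = len(self.data)
        length = bytes([n]) if n < 0xFF else b"\xff" + n.to_bytes(2, "big")
        return self.dgi.to_bytes(2, "big") + length + self.data


def record_location(dgi: int):
    """Map a record DGI 'XXYY' to (SFI, record number); None for other DGIs."""
    sfi, record = dgi >> 8, dgi & 0xFF
    if 0x01 <= sfi <= 0x1E and 0x01 <= record <= 0xFF:
        return sfi, record
    return None


def plan_store_data(dgis, max_lc=MAX_LC):
    """Group DGIs, in the given order, into (encrypted, payload, [dgi, ...])."""
    plan, ids, payload, enc_flag = [], [], b"", False

    def flush():
        nonlocal ids, payload
        if ids:
            plan.append((enc_flag, payload, ids))
        ids, payload = [], b""

    for d in dgis:
        blob = d.encode()
        if len(blob) > max_lc:
            # Spanning one DGI over several commands is outside this example.
            raise ValueError(f"DGI {d.dgi:04X} does not fit in one command")
        # Start a new command when the VERCNTL rule, the encryption state
        # or the length limit forbids appending to the current one.
        if d.vercntl or d.encrypted != enc_flag or len(payload) + len(blob) > max_lc:
            flush()
        enc_flag = d.encrypted
        ids.append(d.dgi)
        payload += blob
        if d.vercntl:
            flush()           # a VERCNTL DGI travels alone in its command
    flush()
    return plan


# Constructed sample input: realistic lengths, filler contents.
SAMPLE = [
    Dgi(0x0101, bytes(40)),
    Dgi(0x0201, bytes(200)),
    Dgi(0x8000, bytes(48), encrypted=True),
    Dgi(0x8001, bytes(48), encrypted=True),
    Dgi(0xA00E, bytes(14), vercntl=True),   # assumed to be listed in VERCNTL
    Dgi(0x9010, bytes(2)),
]
```
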