MChip4 applet personalisation specification

Ref : Applet version 1.0 Model : DPC100415 A00 Page 1/22 Release : A01

Personalization Specification
M/Chip 4 Select applet

| | Name | Role | Date (dd/mm/yy) | Visa |
| --- | --- | --- | --- | --- |
| Issued by | Y.ROBERT | Technical Expert | 03/01/06 | |
| Verified by | | | | |
| Approved by | | | | |

Distribution list

| Name | Role or Function | Name | Role or Function |
| --- | --- | --- | --- |

| Release | Date (dd/mm/yy) | Author | Modifications |
| --- | --- | --- | --- |
| A00 | 03/01/06 | Y.ROBERT | First Issue |
| A01 | 01/03/06 | Y.ROBERT | Corrected an error in DGI A002 description for CIACs |

Table of content

1 Introduction
  1.1 Restrictions
  1.2 Reference documents
2 Installation
3 Prepersonalisation
  3.1 Commands
    3.1.1 Put Key
    3.1.2 End preperso
  3.2 Prepersonalisation log
4 Personalisation
  4.1 Supported DGI
  4.2 DGI A002
  4.3 DGI A003
  4.4 DGI A005
  4.5 DGI A006: encrypted
  4.6 DGI A007
  4.7 DGI A008
  4.8 DGI A009
  4.9 DGI 8000: encrypted
  4.10 DGI 8010: encrypted
  4.11 ICC RSA key elements
    4.11.1 DGI 8201: encrypted
    4.11.2 DGI 8202: encrypted
    4.11.3 DGI 8203: encrypted
    4.11.4 DGI 8204: encrypted
    4.11.5 DGI 8205: encrypted
  4.12 ICC PIN RSA key elements
    4.12.1 DGI 8301: encrypted
    4.12.2 DGI 8302: encrypted
    4.12.3 DGI 8303: encrypted
    4.12.4 DGI 8304: encrypted
    4.12.5 DGI 8305: encrypted
  4.13 DGI B002
  4.14 DGI B005
  4.15 DGI 9000: encrypted
5 Personalization Profile Example
6 Authentication with applet
  6.1 Derivation data for session key
  6.2 Card cryptogram verification
  6.3 Host cryptogram generation for EXT AUTH
  6.4 MAC generation for EXT AUTH
7 Personalisation log

1 Introduction

This document describes the M/Chip4 Select applet version 1.0 personalisation. The applied personalisation method is CPS. It has been tested on a GXP3 E32 PK card.

This applet supports the following applications:
• M/Chip4 Select
• Paypass MSD (contactless)
• Paypass M/Chip4 (contactless)

The applet supports EMV2000 session key derivation method.
The applet must first be:
• Installed
• Prepersonalised

1.1 RESTRICTIONS

The applet does not support:
• RSA keys (ICC and ICC PIN) in classical mode (private exponent, modulus); only CRT mode is supported

1.2 REFERENCE DOCUMENTS

• M/Chip 4 Common Personalization Specifications – August 2003
• PayPass™ – M/Chip Personalization of Sample Application - Version 1.3 – April 2005
• PayPass™ – M/Chip Sample Application Pre-personalization Specification Version 1.5 - April 2005
• PayPass™ – M/Chip Sample Application – Known Issues Version 1.2 – April 2005
• EMV Card personalization Specification Version 1.0 - June 2003

2 Installation

Package AID : A00000001800
Applet AID : A0000000180001
Instance AID : A0000000041010

Authenticate with the Card Manager and send the install for install command.

Example of Install for install command:
80E60C001d06A0000000180007A000000018000107A0000000041010010002C90000

3 Prepersonalisation

This step consists of authenticating with the Card Manager and loading into the applet a new key set, the related key information, and the FCI returned in the answer to SELECT. This key set will be used to authenticate with the applet at the beginning of personalisation.
3.1 COMMANDS

3.1.1 PUT KEY

CLA : 80/84
INS : D8
P1 : 00 (key set version)
P2 : 81 (first key index for a multiple key loading)
Lc : 43 for CLA=80 or 4B for CLA=84
Data : See below
Le : 00

Data field:

Status:

3.1.2 END PREPERSO

CLA : 80 / 84
INS : D6
P1 : 00
P2 : 00
Lc : var
Data : See below
Le : 00

Data field:

CF tag description:

| Field | Length |
| --- | --- |
| Version number of the KMC | 1 |
| KMC Identifier | 6 |
| Chip serial number | 4 |

Note: KMC is the key and KMC identifier could be the BIN of the bank

6F tag description:

Status:

3.2 PREPERSONALISATION LOG

Keys to be loaded in the applet: AUTH_KEY, MAC_KEY, ENC_KEY

AUTH_KEY in clear form: 4CB2738898BBCBEB570FC60F62D801B9
AUTH_KEY KCV : 5E6C30 (3 MSB of 3DES[0000000000000000] with AUTH_KEY)
Encrypted AUTH_KEY : 10BB306CC869749A09581B1E7C1729D9

MAC_KEY : 69BFD8A5E12288799E44BE70C0C0E7F6
MAC_KEY_KCV : 26A892 (3 MSB of 3DES[0000000000000000] with MAC_KEY)
Encrypted MAC_KEY : 44DF82E54D5FB9555E79E1E4D84DDA3D

ENC_KEY in clear form : 43A6F108C8F9EA39A5AF03E7D58A26B4
ENC_KEY_KCV : B78688 (3 MSB of 3DES[0000000000000000] with ENC_KEY)
Encrypted ENC_KEY : 1CF57922476C22536C9EC479FAB7DE63

Key set loading:
PUT_DATA: 80D80081 43 01801010BB306CC869749A09581B1E7C1729D9035E6C30801044DF82E54D5FB9555E79E1E4D84DDA3D0326A89280101CF57922476C22536C9EC479FAB7DE6303B78688
STATUS: 9000

Related key info and FCI loading:
END PREPERSO: 80D60000 26 CF0B11111111111111111111116F178407A0000000041010A50C500A4D617374657243617264
STATUS: 9000

4 Personalisation

4.1 SUPPORTED DGI

| DGI | Elements |
| --- | --- |
| A002 | CRM parameters |
| A003 | CFDC limits |
| A005 | AIP + AFL |
| A006 | IDN key |
| A007 | ATC/PTH/Scripts limits |
| A008 | Bad crypto limit |
| A009 | ALCD |
| 8000 | MASTERKEYGENAC MASTERKEYMAC MASTERKEYENC |
| 8010 | PIN block |
| 9010 | PTC/PTL |
| 8201 | ICC Apq |
| 8202 | ICC d1 |
| 8203 | ICC d2 |
| 8204 | ICC P |
| 8205 | ICC Q |
| 8301 | ICC PIN Apq |
| 8302 | ICC PIN d1 |
| 8303 | ICC PIN d2 |
| 8304 | ICC PIN P |
| 8305 | ICC PIN Q |
| B002 | Paypass: "Appli control (3B) \|\| Static CVC3 track1 (2B) \|\| Static CVC3 track2 (2B) \|\| IVCVC3 track1 (2B) \|\| IVCVC3 track2 (2B)" |
| B005 | Paypass: AIP AFL |
| 9000 | Paypass: CVC3 key |

Data stored in records readable by terminals (template 70) will be stored in DGI XX YY, with XX being the SFI and YY being the record number.
Example: “DGI 0103” stands for SFI1 record 3.

4.2 DGI A002

| Data Elements | Length (dec) |
| --- | --- |
| Application Control | 2 |
| Default ARPC Response Code | 2 |
| Lower Consecutive Offline Limit | 1 |
| Upper Consecutive Offline Limit | 1 |
| Lower Cumulative Offline Transaction Amount | 6 |
| Upper Cumulative Offline Transaction Amount | 6 |
| Card Issuer Action Code – Decline (tag C3) | 3 |
| Card Issuer Action Code – Default (tag C4) | 3 |
| Card Issuer Action Code – Online (tag C5) | 3 |
| CRM Currency Code | 2 |
| Currency Conversion Table | 25 |
| CRM Country Code | 2 |
| CDOL 1 Related Data Length | 1 |
| Additional Check Table | 18 |

This DGI stores card risk management elements used in contact mode during a M/Chip 4 Select transaction.
Note: The order must be respected, otherwise the personalisation will be wrong!

4.3 DGI A003

| Data Elements | Length (dec) |
| --- | --- |
| CFDC_limit for Integrity Session Key | 1 |
| CFDC_limit for Confidentiality Session Key | 1 |
| CFDC_limit for AC Session Key | 1 |

4.4 DGI A005

| Data Elements | Length (dec) |
| --- | --- |
| Application Interchange Profile | 2 |
| Application File Locator | var |

This DGI stores the specific AIP and AFL that will be returned during a contact only M/Chip 4 Select transaction on the “GET PROCESSING OPTIONS” command.

4.5 DGI A006: ENCRYPTED

| Data Elements | Length (dec) |
| --- | --- |
| ICC Dynamic Number Master Key (MKIDN) | 16 |

The MKIDN key will be used for card random generation during DDA, CDA or PIN encipherment.
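The two commands in the section 3.2 log can be checked field by field before they are sent to a card. The Python below is an added example, not part of the specification: it assumes the PUT KEY data field follows the GlobalPlatform layout visible in the log (new key version, then key type, key length, encrypted key, KCV length and KCV for each key) and that END PREPERSO carries the CF and 6F tags of section 3.1.2; the function names are illustrative.

```python
# Added example (not from the specification); layout assumed, names illustrative.
PUT_KEY = bytes.fromhex(
    "80D8008143" "01"
    "801010BB306CC869749A09581B1E7C1729D9035E6C30"
    "801044DF82E54D5FB9555E79E1E4D84DDA3D0326A892"
    "80101CF57922476C22536C9EC479FAB7DE6303B78688")
END_PREPERSO = bytes.fromhex("80D6000026" "CF0B" + "11" * 11
                             + "6F178407A0000000041010A50C500A4D617374657243617264")

def split_apdu(apdu):
    """Return (INS, P2, data) after checking Lc against the data length."""
    if len(apdu) < 5:
        raise ValueError("APDU shorter than its header")
    lc, data = apdu[4], apdu[5:5 + apdu[4]]
    if len(data) != lc or len(apdu) - 5 - lc > 1:   # one optional Le byte
        raise ValueError("Lc does not match the data field")
    return apdu[1], apdu[3], data

def read_tlv(buf):
    """One-byte tag, one-byte length TLVs (enough for CF/6F/84/A5/50)."""
    out, pos = {}, 0
    while pos < len(buf):
        if pos + 2 > len(buf) or pos + 2 + buf[pos + 1] > len(buf):
            raise ValueError("truncated TLV")
        out[buf[pos]] = buf[pos + 2:pos + 2 + buf[pos + 1]]
        pos += 2 + buf[pos + 1]
    return out

def parse_put_key(apdu):
    ins, p2, data = split_apdu(apdu)
    if ins != 0xD8 or not data:
        raise ValueError("not a PUT KEY command")
    keys, pos = [], 1                      # data[0] is the new key version
    while pos < len(data):
        try:
            klen = data[pos + 1]
            kcv_len = data[pos + 2 + klen]
        except IndexError:
            raise ValueError("truncated key entry") from None
        key = data[pos + 2:pos + 2 + klen]
        kcv = data[pos + 3 + klen:pos + 3 + klen + kcv_len]
        if len(kcv) != kcv_len:
            raise ValueError("truncated key check value")
        keys.append({"type": data[pos], "enc_key": key.hex().upper(),
                     "kcv": kcv.hex().upper()})
        pos += 3 + klen + kcv_len
    return {"version": data[0], "first_index": p2 & 0x7F, "keys": keys}

def parse_end_preperso(apdu):
    ins, _, data = split_apdu(apdu)
    if ins != 0xD6:
        raise ValueError("not an END PREPERSO command")
    top = read_tlv(data)
    cf, fci = top[0xCF], read_tlv(top[0x6F])
    if len(cf) != 11:                      # 1 + 6 + 4 bytes per the CF table
        raise ValueError("CF tag must be 11 bytes")
    return {"kmc_version": cf[0], "kmc_id": cf[1:7].hex(),
            "chip_serial": cf[7:].hex(), "aid": fci[0x84].hex().upper(),
            "label": read_tlv(fci[0xA5])[0x50].decode("ascii")}
```

Comparing the parsed KCVs with the values computed from the clear keys catches a key that was encrypted under the wrong transport key before it reaches the card.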
4.6 DGI A007

| Data Elements | Length (dec) |
| --- | --- |
| Application Transaction Counter Limit | 2 |
| Previous Transaction History | 1 |
| MAC in Script Counter Limit | 1 |
| Global MAC in Script Counter Limit | 3 |
| Key Derivation Index | 1 |

4.7 DGI A008

| Data Elements | Length (dec) |
| --- | --- |
| Bad Cryptogram Counter Limit | 2 |

4.8 DGI A009

| Data Elements | Length (dec) |
| --- | --- |
| Application Life Cycle Data | Var., up to 48 bytes |

4.9 DGI 8000: ENCRYPTED

| Data Elements | Length (dec) |
| --- | --- |
| AC Master Key (MKAC) | 16 |
| SM for Integrity Master Key (MKSMI) | 16 |
| SM for Confidentiality Master Key (MKSMC) | 16 |

Encryption mode: 3DES in ECB mode using session key for ciphering, no padding.

4.10 DGI 8010: ENCRYPTED

| Data Elements | Length (dec) |
| --- | --- |
| Reference PIN in Format 1 | 8 |

Format 1: 2L PPPP P/F P/F P/F P/F FF
With:
• L: PIN length in digits (usually 4)
• F: padding

The PIN value will be used on “VERIFY” command.
Encryption mode: 3DES in ECB mode using session key for ciphering, no padding.

4.11 ICC RSA KEY ELEMENTS

These RSA key elements are in CRT format and will be used on the “INTERNAL AUTHENTICATE” command in the case of DDA or on the “GENERATE AC” command in the case of CDA.
Encryption mode: 3DES in ECB mode using session key for ciphering, padding with 80…00 to be multiple of 8 bytes.

4.11.1 DGI 8201: ENCRYPTED

| Data Elements | Length (dec) |
| --- | --- |
| ICC Private Key CRT constant CA | Var, 8-byte multiple |

4.11.2 DGI 8202: ENCRYPTED

| Data Elements | Length (dec) |
| --- | --- |
| ICC Private Key CRT Constant CD1 | Var, 8-byte multiple |

4.11.3 DGI 8203: ENCRYPTED

| Data Elements | Length (dec) |
| --- | --- |
| ICC Private Key CRT Constant CD2 | Var, 8-byte multiple |

4.11.4 DGI 8204: ENCRYPTED

| Data Elements | Length (dec) |
| --- | --- |
| ICC Private Key CRT Constant CP | Var, 8-byte multiple |

4.11.5 DGI 8205: ENCRYPTED

| Data Elements | Length (dec) |
| --- | --- |
| ICC Private Key CRT Constant CQ | Var, 8-byte multiple |

4.12 ICC PIN RSA KEY ELEMENTS

These RSA key elements are in CRT format and will be used on the “VERIFY” command in the case of an encrypted PIN.
Encryption mode: 3DES in ECB mode using session key for ciphering, padding with 80…00 to be multiple of 8 bytes.

4.12.1 DGI 8301: ENCRYPTED

| Data Elements | Length (dec) |
| --- | --- |
| ICC PIN Encipherment Private Key CRT constant CA | Var, 8-byte multiple |

4.12.2 DGI 8302: ENCRYPTED

| Data Elements | Length (dec) |
| --- | --- |
| ICC PIN Encipherment Private Key CRT Constant CD1 | Var, 8-byte multiple |

4.12.3 DGI 8303: ENCRYPTED

| Data Elements | Length (dec) |
| --- | --- |
| ICC PIN Encipherment Private Key CRT Constant CD2 | Var, 8-byte multiple |

4.12.4 DGI 8304: ENCRYPTED

| Data Elements | Length (dec) |
| --- | --- |
| ICC PIN Encipherment Private Key CRT Constant CP | Var, 8-byte multiple |

4.12.5 DGI 8305: ENCRYPTED

| Data Elements | Length (dec) |
| --- | --- |
| ICC PIN Encipherment Private Key CRT Constant CQ | Var, 8-byte multiple |

4.13 DGI B002

| Data Elements | Length (dec) |
| --- | --- |
| Application control (Paypass) | 3 |
| Static CVC3 track1 (Paypass) | 2 |
| Static CVC3 track2 (Paypass) | 2 |
| IVCVC3 track1 (Paypass) | 2 |
| IVCVC3 track2 (Paypass) | 2 |

Note: in the case of a M/Chip4 contact only profile, set the above values to 0000000000000000000000

This DGI stores the specific card risk management elements that will be used only during a contactless transaction.

4.14 DGI B005

| Data Elements | Length (dec) |
| --- | --- |
| Application Interchange Profile (Paypass) | 2 |
| Application File Locator (Paypass) | var |

Note: in the case of a M/Chip4 contact only profile, set the above values to 000000000000

This DGI stores the specific AIP and AFL that will be returned during a contactless transaction on the “GET PROCESSING OPTIONS” command.

4.15 DGI 9000: ENCRYPTED

| Data Elements | Length (dec) |
| --- | --- |
| CVC3 key (Paypass) | 16 |

Note: in the case of a M/Chip4 contact only profile, set the above values to 00000000000000000000000000000000

The CVC3 key is used to generate the Dynamic CVC on the “COMPUTE CRYPTOGRAPHIC CHECKSUM” command.
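The Format 1 layout of section 4.10 (2L, four mandatory PIN digits, four P/F bytes, a final FF) can be enforced on the DGI 8010 plaintext before it is encrypted. The following Python is an added example, not part of the specification; the 4 to 12 digit range is read off the format string and the function names are illustrative.

```python
# Added example, not from the specification; function names are illustrative.

def encode_ref_pin(pin):
    """Build the 8-byte Format 1 block: 2L, PIN digits, F fill, final FF."""
    if not (pin.isascii() and pin.isdigit() and 4 <= len(pin) <= 12):
        raise ValueError("PIN must be 4 to 12 decimal digits")
    # Control nibble 2, length nibble L, 12 digit/fill nibbles, then FF.
    return bytes.fromhex("2" + format(len(pin), "X") + pin.ljust(12, "F") + "FF")


def decode_ref_pin(block):
    """Return the PIN digits, rejecting any block that is not well-formed."""
    if len(block) != 8:
        raise ValueError("reference PIN block must be 8 bytes")
    nibbles = block.hex().upper()
    length = int(nibbles[1], 16)
    if nibbles[0] != "2" or not 4 <= length <= 12:
        raise ValueError("bad control nibble or PIN length")
    digits, fill = nibbles[2:2 + length], nibbles[2 + length:]
    # A digit hiding in the fill area means L and the content disagree.
    if not digits.isdigit() or set(fill) != {"F"}:
        raise ValueError("non-decimal PIN digit or non-F padding")
    return digits


def is_valid_ref_pin(block_hex):
    """True when a hex string is a well-formed DGI 8010 plaintext."""
    try:
        decode_ref_pin(bytes.fromhex(block_hex))
    except ValueError:
        return False
    return True
```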
5 Personalization Profile Example

• 1 application Debit/Credit : A0000000041010

| | RSA key size (bits) |
| --- | --- |
| RSA key for Certification Authority | 1152 |
| RSA key for Issuer | 1152 |
| RSA key for ICC | 1024 |

File EF_AEF1

DGI 0101

| Name | Tag | Value |
| --- | --- | --- |
| AppliEffectiveDate | 5F25 | 020101 |
| AppliExpiryDate | 5F24 | 071231 |
| AUC | 9F07 | FF00 |
| PAN | 5A | 5413339000001513 |
| PANSequenceNumber | 5F34 | 00 |
| IAC Default | 9F0D | F840642000 |
| IAC Denial | 9F0E | 0010880000 |
| IAC Online | 9F0F | F86064F800 |

DGI 0102

| Name | Tag | Value |
| --- | --- | --- |
| Track2EquData | 57 | 5413339000001513D0712601000000000000 |
| IssuerCountryCode | 5F28 | 0056 |
| CardHolderName | 5F20 | 746573742063617264 |

File EF_AEF2

DGI 0201

| Name | Tag | Value |
| --- | --- | --- |
| CertifAuthPKIndex | 8F | F3 |
| IssuerPKCert | 90 | 39862FFCEB16BCB211CC64C8F97C57B02AA3CD63A253C320FDD17C4D1A56BF3442672561E9BB835B674A3FF7B2B15DCC18FA2A1D7FB88431D6CDF749D239E6BD4B725D483F251845F3F2CEEB29A3A062B4350A4749AB3C824961E327A46DF5DC0588EBBF9B6ECA5C49D2D229C2DD5AE1D0D17C5F8949A60A4C280FC5FF2ACA5A9C466AB17A56703C79600ED6E05D12FC |

DGI 0202

| Name | Tag | Value |
| --- | --- | --- |
| IssuerPKExp | 9F32 | 03 |
| | 92 | EFF4A554A084A829B0D6D5ACCC34B84C262B32436ABDAC9899308D51E57C83DF6908C389 |
| ICCPubKeyExp | 9F47 | 03 |
| ICCPubKeyRemain | 9F48 | D529BCACA7F9ECEADE85990F1E04FEAE9FA033DF691268F9F2D5 |
| DDOL | 9F49 | 9F3704 |
| CVMList | 8E | 0000000000000000410344035E0342031F03 |

DGI 0203

| Name | Tag | Value |
| --- | --- | --- |
| SignedAppData | 93 | 19B538B276E9B360F7DF0EC0A570BCFE8E93C28F0AB01044F63DFDB557C8DEEF64217FE10699D5A28E249A9D9ABADD43F3845F50A2A95CF514A806BA56D70001678EA3EBF1E9FDFD2AEC39567E32FD0F314B4FE970B6C0FCFF7E8DE1A6C4888C0E5E781D7CC030978F1B302024452F6ABF65A2A14F624A303A0D999FDCB499468197762A03FD1160213C34A4D92120A9 |

DGI 0204

| Name | Tag | Value |
| --- | --- | --- |
| ICCPubKeyCert | 9F46 | 742F0A7DC8E44FE7BF7237703CC63F4E25F02D58D88652434179E0C8945352D4D5FDAF75C0533C40B15959914CFD1422DB8701175758F18B97CA7B2BDD03DE38FB6BB339F415A2B04F32619A9A0513D273A2CEB711D0A8BF8F23BF54CAFE7F2F907DC09A8434A9539B3BFF6C43F2E236A8B20AFF6EF5727A53ED2677F21E41AB44561F24976696160D096B5C889333DD |

DGI 0205

| Name | Tag | Value |
| --- | --- | --- |
| CDOL1 | 8C | 9F02069F03069F1A0295055F2A029A039C019F37049F35019F45029F4C089F3403 |
| CDOL2 | 8D | 910A8A0295059F37049F4C08 |
| ApplVersionNumber | 9F08 | 0004 |
| AppliCurrencyCode | 9F42 | 0978 |

Card Risk management elements

DGI A002

| Name | Tag | Value |
| --- | --- | --- |
| AppliControl | 00D5 | C400 |
| DefARPCRespCode | 00D6 | 0007 |
| LCOL | 9F14 | FF |
| UCOL | 9F23 | FF |
| LowCumOffTrAmount | 00CA | 999999999999 |
| UpCumOffTrAmount | 00CB | 999999999999 |
| CIAC-Decline | 00C3 | 000000 |
| CIAC-Online | 00C5 | 000000 |
| CIAC-Default | 00C4 | 000000 |
| CRMCurrCode | 00C9 | 0978 |
| CurrConvTable | 00D1 | 08260152820840012582000000000000000000000000000000 |
| CRMCountryCode | 00C8 | 0056 |
| CDOL1RelDataLength | 00C7 | 2B |
| AddCheckTable | 00D3 | 200304FFFFFF000001000002000003FFFFFF |

DGI A003

| Name | Tag | Value |
| --- | --- | --- |
| CFDCLimIntSessKey | | 03 |
| CFDCLimConfSessKey | | 03 |
| CFDCLimACSessKey | | 03 |

DGI A005

| Name | Tag | Value |
| --- | --- | --- |
| AIP | 0082 | 7900 |
| AFL | 92 | 0801020110010500 |

DGI A007

| Name | Tag | Value |
| --- | --- | --- |
| ATCLimit | DF60 | FFFF |
| PrevTransHistory | DF63 | 00 |
| MACScriptCountLim | DF64 | 0F |
| GlMACScriptCountLim | DF66 | 0EFFF0 |
| DKI | DF55 | 01 |

DGI A008

| Name | Tag | Value |
| --- | --- | --- |
| BadCryptCountLim | DF69 | 0400 |

DGI A009

| Name | Tag | Value |
| --- | --- | --- |
| ALCD | | 0110020500010000A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4 |

3DES Key elements

DGI A006

| Name | Tag | Value |
| --- | --- | --- |
| KeyIDN | | 68EA8C9EFF5AE32B064D00E900CA1118 |

DGI 8000

| Name | Tag | Value |
| --- | --- | --- |
| KeyAC | | 04720E87C796F0A4BB51D2F2FD7026FB |
| KeyI | | 0D5845E5AC783CF8E022D7576860CADF |
| KeyC | | 44433376DDC6EB0AC9ADCD69B9CBDEB9 |

PIN Elements

DGI 8010

| Name | Tag | Value |
| --- | --- | --- |
| PIN | | 241234FFFFFFFFFF |

DGI 9010

| Name | Tag | Value |
| --- | --- | --- |
| PINTryCounter | | 03 |

PI
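Section 4.2 warns that the element order inside DGI A002 must be respected, and the section 5 profile lists the three CIACs in a different order (Decline, Online, Default) than section 4.2 (Decline, Default, Online). The Python below is an added example, not part of the specification: it packs the profile values strictly in the section 4.2 order with the section 4.2 lengths and frames them as a DGI record (2-byte DGI, 1-byte length, data, as in EMV CPS); the function names are illustrative.

```python
# Added example (not from the specification): build and re-parse DGI A002.
A002_LAYOUT = [   # section 4.2 order and lengths; names as used in section 5
    ("AppliControl", 2), ("DefARPCRespCode", 2), ("LCOL", 1), ("UCOL", 1),
    ("LowCumOffTrAmount", 6), ("UpCumOffTrAmount", 6),
    ("CIAC-Decline", 3), ("CIAC-Default", 3), ("CIAC-Online", 3),
    ("CRMCurrCode", 2), ("CurrConvTable", 25), ("CRMCountryCode", 2),
    ("CDOL1RelDataLength", 1), ("AddCheckTable", 18),
]
PROFILE = {       # values copied from the section 5 example, in its own order
    "AppliControl": "C400", "DefARPCRespCode": "0007", "LCOL": "FF",
    "UCOL": "FF", "LowCumOffTrAmount": "999999999999",
    "UpCumOffTrAmount": "999999999999", "CIAC-Decline": "000000",
    "CIAC-Online": "000000", "CIAC-Default": "000000", "CRMCurrCode": "0978",
    "CurrConvTable": "08260152820840012582" + "00" * 15,
    "CRMCountryCode": "0056", "CDOL1RelDataLength": "2B",
    "AddCheckTable": "200304FFFFFF000001000002000003FFFFFF",
}

def frame_dgi(dgi, body):
    """CPS framing: 2-byte DGI, then 1-byte length or FF + 2-byte length."""
    if len(body) > 0xFFFF:
        raise ValueError("DGI body too long")
    if len(body) < 0xFF:
        length = bytes([len(body)])
    else:
        length = b"\xFF" + len(body).to_bytes(2, "big")
    return dgi.to_bytes(2, "big") + length + body

def build_a002(profile):
    """Pack the fields in layout order, whatever order the profile uses."""
    names = [name for name, _ in A002_LAYOUT]
    if set(profile) != set(names):
        raise ValueError("profile fields do not match the A002 layout")
    body = b""
    for name, size in A002_LAYOUT:
        value = bytes.fromhex(profile[name])
        if len(value) != size:
            raise ValueError(f"{name}: expected {size} bytes, got {len(value)}")
        body += value
    return frame_dgi(0xA002, body)

def parse_a002(record):
    """Split a framed A002 record back into named fields (hex strings)."""
    expected = sum(size for _, size in A002_LAYOUT)
    if len(record) != 3 + expected or record[:2] != b"\xA0\x02":
        raise ValueError("not a complete DGI A002 record")
    if record[2] != expected:
        raise ValueError("DGI length byte does not match the layout")
    fields, pos = {}, 3
    for name, size in A002_LAYOUT:
        fields[name] = record[pos:pos + size].hex().upper()
        pos += size
    return fields
```

Because every CIAC in the sample profile is 000000, a swapped order would go unnoticed there; parsing the built record back and comparing it field by field is what exposes a misplaced value once real action codes are used.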