Professional Documents
Culture Documents
Agilis 3 91x Emv Upg B
Agilis 3 91x Emv Upg B
Document History
Copyright protection is claimed for each revision listed in the document history, as of the date indicated.
Any trademarks, service marks, product names or company names not owned by Diebold, Incorporated or its
subsidiaries (collectively "Diebold") that appear in this document are used for informational purposes only and
Diebold claims no rights thereto, nor does such use indicate any affiliation with or any endorsement of Diebold or
Diebold products by the owners thereof.
This document contains proprietary information. If the document pages state the information is confidential
(or words of similar import), then this document is intended solely for the use of the copyright owner's
employees or other personnel expressly authorized in writing by the copyright owner. Other uses of this
information without the express written consent of the copyright owner are prohibited. This document should
be treated as confidential material for security reasons. Any unauthorized disclosure or use of confidential
material may violate Section 1832 of Title 18 of the United States Code as well as other laws, and may be
punishable by fine and imprisonment.
The information contained in this document is subject to change without notice. When using the document for system
implementation, please call your authorized sales or service representative for any applicable changes.
This document and the information contained herein are provided AS IS AND WITHOUT WARRANTY. In
no event shall the copyright owner or its suppliers be liable for any special, indirect, or consequential damages
of any nature resulting from the use of information in this manual.
No part of this document may be reproduced, stored in a retrieval system, or transmitted, in any form or by any
means: electronic, mechanical, photocopying, recording, or otherwise, without prior written permission from the
copyright owner.
Your use of this document and/or any of the information contained herein constitutes your agreement to all of the
terms stated on this page.
Diebold continually strives to improve its products. If you would like to comment on the accuracy, clarity,
organization or value of this document, please contact us at documentationservices@diebold.com or address
correspondence to:
Diebold, Incorporated
Att: Documentation Services 9-B-16
5995 Mayfair Road
North Canton, OH 44720
ii
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Contents
iii
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Contents
Appendix B Write Command 19 Modifier A Message with Diebold Defined Tags . . . . . . . . . . . . . . B-1
iv
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Figures
Tables
v
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Tables
Table 3-36 Smart Card State, Operation 078 Status Codes . . . . . . . . . . . . . . . . . . . . . . . . . 3-62
Table 3-37 Smart Card Function Processing: Solicited . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-62
Table 3-38 Issuer authentication Failure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-63
Table 3-39 Transaction Accepted . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-63
Table 3-40 Transaction Denied . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-64
Table 3-41 Finalize Transaction Failed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-64
Table 3-42 Card Denied . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-65
Table 3-43 Function Fault . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-65
Table 3-44 Pin Management Script Failure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-65
Table A-1 Hex/Decimal/Character Values (Hex 00 / Dec 000 through Hex 4D / Dec 077) . . . . . . . . A-1
Table A-2 Hex/Decimal/Character Values (Hex 4E / Dec 078 through Hex B3 / Dec 179) . . . . . . . . A-2
Table A-3 Hex/ Decimal /Character Values (Hex B4 / Dec 180 through Hex FF / Dec 255) . . . . . . . A-3
Table B-1 Diebold Defined TAGs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-1
vi
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Section 1
Agilis 3 91x® EMV User / Programmer Guide Overview
1.1 Introduction
1.2 Overview
Section 2 is intended for those who are new to EMV or are seeking a general
understanding of EMV and how it may fit into the transaction processing base.
Section 3 delves into more detailed descriptions on how to provide EMV smart
card transaction processing within a terminal environment. Section 3 will be
used by terminal programmers, host and controller developers responsible for
terminal applications, and Diebold Service personnel. Specifics are provided for
the special features and functionality provided for terminal state flow and new
and modified host message structures for necessary data interchange within an
EMV transaction.
1-1
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
1-2
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Section 2
Agilis 3 91x® EMV User Guide
2.1 Overview
2.1.1 Terminology
Some of the terms used in this manual are described in the following paragraphs.
Smart Cards have two major advantages over traditional magnetic stripe cards:
EXAMPLE
• Chip Only
• and Chip
• or Chip
2-1
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
What is EMV?
EMV (Europay-MasterCard-Visa) is a set of specifications that payment system
hardware and software components must comply with to be used with chip cards.
There are Level 1 specifications that define the functions of the Card Reader and
Level 2 specifications that define the functions of the terminal software related
to the Smart Card.
The following table defines the terms, acronyms, and abbreviations used in this
document.
Term Definition
AAC [1] Application Authentication Cryptogram
AAR [1] Application Authorization Referral
ABC Agilis® Base Communications
ACU Agilis® Configuration Utility
Agilis® A Diebold software environment for Diebold and foreign terminal
AID Application IDentifier
ARPC [1] Authorization Response Cryptogram
ARQC [1] Authorization Request Cryptogram
ATC [1] Application Transaction Counter
CREQ Consumer Request message containing data to be routed
CREQ_DOL List of EMV tags which the terminal will append to EMV CREQ messages. These
tags are used in addition to the standard list of outgoing tags.
Default_TDOL Default Transaction Certificate Data Object List. This data object list is to be used if
the Transaction Certificate Data Object List is not present in the ICC.
DOL Data Object List
Default_DDOL Default Dynamic Data Object List. This is the Dynamic Data Object List to be
used if not present in the card.
EMV Europay-MasterCard-Visa - A joint effort to define and maintain Smart Card
specifications
EMV, version 4.1 or later A version of the "EMV Integrated Circuit Card Specifications for Payment Systems"
that includes 4 books:
• Book 1 - Application Independent ICC to Terminal Interface Requirements
• Book 2 - Security and Key Management
• Book 3 - Application Specification
• Book 4 - Cardholder, Attendant, and Acquirer Interface Requirements
ICC Integrated Circuit Card; also called Chip Card or Smart Card
Issuer Authentication Data [1] ARPC + Issuer Discretionary Data
[1] Refer to the EMV, version 4.1 specifications or later (see Section 2.1.3)
2-2
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Term Definition
M/Chip™ MasterCard's Smart Card EMV Application/Specification
PIN Personal Identification Number
Restricted TAGs Restricted TAGs are tags that may not be set through either the Write Command
19, Modifier A messages, or the Agilis Configuration Utility. This list can be found in
Section 2.6. There may be other tags, specific to a Payment Scheme, that should
not be set, as well.
Scheme A multi-character Application Type, For Example: 2VS for VSDC, and 2MC for
M/Chip
Smart Card A credit or debit card that contains an embedded integrated circuit (chip-based).
A Smart Card is used to store digital information such as, digital cash, consumer
identification, and network information.
Solicited_DOL A list of EMV tags which the terminal will append to most EMV Solicited status
messages. These tags are used in addition to the standard list of outgoing tags.
SST Self-Service Terminal
TAA Terminal Action Analysis
TAC Terminal Action Code
TAC-Default The default Terminal Action Code
TAC-Denial The denied Terminal Action Code
TAC-Online The online Terminal Action Code
Tag A 2 or 4-digit hex value specifying the EMV tag
TC [1] Transaction Certificate
TDOL Transaction Certificate Data Object List.
Terminal Automated Teller Machine (ATM)
Unsolicited_DOL A list of EMV tags which the terminal will append to some EMV Unsolicited status
messages. These tags are used in addition to the standard list of outgoing tags.
VIS Visa Integrated Circuit Card Specification, version 1.4.0
VSDC Visa Smart Debit and Visa Smart Credit Application
[1] Refer to the EMV, version 4.1 specifications or later (see Section 2.1.3)
2-3
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Diebold Opteva
These terminals must be operating in the 912 mode using the following supported
Smart Card States and Functions:
2.1.3 Documentation
In addition to this user guide, the EMV Smart Card Application documentation
includes additional reference manuals for terminal programmers and host
programmers responsible for terminal applications.
• EMV Integrated Circuit Card Specification for Payment Systems, version 4.1
or later (Books 1 through 4).
2-4
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
2.2 Features
The following EMV Smart Card Application features are described in the
following subsections:
• Error reporting
• User authentication
The EMV Smart Card Application supports the following Smart Card states
and/or functions:
• Generate ARQC
• Terminate Transaction
The following paragraphs describe the support provided by the preceding States
and/or Functions. See Section 3 for detailed descriptions.
2-5
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Generate ARQC
Smart Card State (SCb/), Operation 077, performs various checks, generates the
cryptogram and stores Smart Card data to 91x buffer 077. This data is added to
the next Consumer Request. Refer to Section 3.3.8.
Terminate Transaction
Smart Card State (SCb/), Operation 078, terminates a transaction when a timeout
occurs waiting on the host to respond to a CREC. Refer to Section 3.3.8
The EMV Smart Card Application provides a standard scheme for reporting
errors that occur as a result of application processing or accessing the Smart
Card. Errors being reported to the host or logged to the Journal printer or both.
The EMV uses status codes in the standard MDS 912 format (:xx:yy:zz). Refer
to Section 3.9 and Section 3.10.
2-6
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
This section lists the requirements for installing and operating the EMV Smart
Card Application. These requirements are divided into the following categories:
• Terminal requirements
• Host requirements
• EMV Smart Card Application requirements
The EMV Smart Card Application requires a Diebold Opteva Series Terminal
equipped with the following hardware and software:
• Any EMV Level 1 certified Smart Card reader (for more information,
contact your Diebold Product Representative)
• Agilis 3 91x®
The host must support the message formats and message sequences used for the
desired features.
The EMV Smart Card Application uses enhanced terminal states. The host must
be able to download enhanced states to the terminal during terminal configuration.
The host must be able to process the EMV Smart Card-related error statuses
that it might receive from the terminal.
The applicable messages, states, and status codes are described in section
Section 3.
This section provides information on the nominal transaction flows for approved
and denied consumer transactions that use the EMV Smart Card Application.
These flows help the user to understand the flow and process of the consumer
transaction.
The following transaction flows can occur when using the EMV Smart Card
Application's processing during a consumer transaction.
2-7
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
NOTE
The following steps are an example of an initial transaction flow from when the
consumer inserts their EMV-compliant Smart Card and enters their PIN prior to
selecting a chip application. Refer to Section 3.3 for more detailed information
on the use of Smart Card State.
3. Use Smart Card State Operation 070 to check the alternate technology
byte of the Service Code contained on Track 2. Operation 070 applies
power to the chip once the card is identified as an ICC (Integrated Circuit
Card).
NOTE
5. Smart Card State 071 waits for power to be applied to the chip and chip
initialization to complete.
2-8
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
NOTE
6. Smart Card State Operation 072 is used to select the EMV Smart Card
Application on the card.
NOTE
7. The Smart Card State Operation 073 allows the application initialization
to complete.
9. Use Smart Card State Operation 076 to set the EMV Transaction Type.
10. The consumer selects the currency type for the transaction.
11. Use the Smart Card State Operation 076 to set the EMV Currency Type
and Currency Exponent.
13. Use the Smart Card State Operation 076 to set the EMV Amount
Authorized.
NOTE
2-9
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
The following steps are an example of an initial transaction flow from when the
consumer inserts their EMV-compliant Smart Card and enters their PIN after
selecting a chip application. Refer to section 2 for more detailed information on
the use of Smart Card State.
3. Use Smart Card State Operation 070 to check the alternate technology
byte of the Service Code contained on Track 2. Operation 070 applies
power to the chip after identifying the card as an ICC (Integrated Circuit
Card).
4. The Smart Card State 071 waits for chip initialization to complete and
power to be applied to the chip.
NOTE
5. The Smart Card State Operation 072 selects the EMV Smart Card
Application on the card.
NOTE
NOTE
9. The Smart Card State Operation 076 sets the EMV Transaction Type.
2-10
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
11. The Smart Card State Operation 076 sets the EMV Currency Type and
Currency Exponent.
13. The Smart Card State Operation 076 sets the EMV Amount Authorized.
NOTE
The following steps apply after the Initial Transaction Flow, as described in
Section 2.4.1 or Section 2.4.2.
• Processing restrictions
• CVM List Processing
• Terminal Risk Management
• Terminal Action Analysis
5. The Smart Card data, that is added to the Consumer Request message for
this transaction, is formatted and stored to the Smart Card Buffer ID 077.
6. The Smart Card State, Operation 077, exits to the next state. This is
normally the Consumer Request State.
7. A Consumer Request message is generated, from the Smart Card data that
is added. This data is then sent to the host.
EXAMPLE
2-11
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
• Issuer Scripts
• Authorization Code
9. The Smart Card Function, Operation 077 retrieves the Smart Card data
from the Smart Card Buffer ID 077, parses and stores the data.
11. The ICC authenticates the Issuer Authentication Data, and the
authentication is successful.
12. The terminal sends any Issuer Scripts to the ICC. This is usually happens
before the request for a TC is issued.
14. When the ICC responds with a TC, the terminal sends any Issuer Scripts
to the ICC to be performed after the TC request.
15. The terminal then completes any remaining functions specified in the 912
Function Command.
16. A Completion Solicited Status message is generated and sent to the host.
The following steps apply after the Initial Transaction Flow, as described in
Section 2.4.1 or Section 2.4.2.
• Processing restrictions
• CVM List Processing
• Terminal Risk Management
• Terminal Action Analysis
6. The Smart Card State, Operation 077, exits to the next state, which is
normally the Consumer Request State.
2-12
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
EXAMPLE
9. The Smart Card Function, Operation 077 retrieves the Smart Card data
from the Smart Card Buffer ID 077, and parses and stores the data.
10. The terminal uses the Authorization Response Code to determine the
transaction is denied.
11. The ICC authenticates the Issuer Authentication Data, and the
authentication is successful.
12. The terminal then sends any Issuer Scripts to the ICC before the request
for an AAC is issued.
14. When the ICC responds with an AAC, ARQC, AAR, or TC, the terminal
sends any Issuer Scripts to the ICC after the AAC request.
15. The terminal then completes any remaining functions specified in the 912
Function Command.
16. A Completion Solicited Status message is generated and sent to the host.
The following steps apply after the Initial Transaction Flow, as described in
Section 2.4.1 or Section 2.4.2.
• Processing restrictions
• CVM List Processing
• Terminal Risk Management
• Terminal Action Analysis
2-13
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
6. The Smart Card State, Operation 077, exits to the next state, which is
normally the Consumer Request State.
7. The Smart Card data is added to a Consumer Request message and sent
to the host.
EXAMPLE
9. The Smart Card Function, Operation 077 retrieves the Smart Card data
from the Smart Card Buffer ID 077 parses and stores the data.
11. The ICC authenticates the Issuer Authentication Data, and the
authentication fails. The terminal sets the appropriate values based on
the failure.
12. The terminal sends any issuer scripts to the ICC before issuing the request
for a TC.
14. The ICC responds with an AAC because of the authentication failure
of the Issuer Authentication Data.
15. The terminal sends all issuer scripts to the ICC after the TC request.
16. The terminal does not process remaining functions specified in the 912
Function Command.
17. The terminal issues a Solicited Fault Status. This indicates the failure to
complete the transaction, based on the response of an AAC from the ICC.
2-14
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
The following steps apply after the Initial Transaction Flow, as described in
Section 2.4.1 or Section 2.4.2.
• Processing restrictions
• CVM List Processing
• Terminal Risk Management
• Terminal Action Analysis
6. The Smart Card State, Operation 077, exits to the next state, which is
normally the Consumer Request State.
EXAMPLE
9. The Smart Card Function, Operation 077 retrieves the Smart Card data
from the Smart Card Buffer ID 077. The data is specified in the function,
and is parsed and stored.
10. Based on the Authorization Response Code, the terminal determines that
the transaction is denied.
11. The ICC authenticates the Issuer Authentication Data, and the
authentication fails. The terminal sets the appropriate values based on
the failure.
12. The terminal sends any Issuer Scripts to the ICC before the request for
an AAC.
13. The terminal then issues a request for an AAC to the ICC.
2-15
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
15. The terminal sends any issuer scripts to the ICC to be performed after
the AAC request.
16. The terminal then completes any remaining functions specified in the 912
Function Command.
17. A Completion Solicited Status message is generated and sent to the host.
The following steps apply after the Initial Transaction Flow, as described in
Section 2.4.1 or Section 2.4.2.
• Processing restrictions
• CVM List Processing
• Terminal Risk Management
• Terminal Action Analysis
6. The Smart Card State, Operation 077, exits to the next state, which is
normally the Consumer Request State.
EXAMPLE
9. The Smart Card Function, Operation 077 retrieves the Smart Card data
from the Smart Card Buffer ID 077 parses and stores the data.
2-16
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
10. Based on the Authorization Response Code, the terminal determines that
the transaction is approved.
11. Since Issuer Authentication Data is not present, the ICC has nothing
to authenticate. The terminal sets the appropriate values based on
authentication NOT being performed.
12. The terminal sends any Issuer Scripts to the ICC before the request for
a TC is issued.
15. The terminal sends any Issuer Scripts to the ICC after the TC request.
16. The terminal does not process any remaining functions specified in the
912 Function Command.
17. The terminal issues a Solicited Fault Status indicating the failure to
complete the transaction. This is due to the response of an AAC from
the ICC.
The following steps apply after the Initial Transaction Flow, as described in
Section 2.4.1 or Section 2.4.2.
• Processing restrictions
• CVM List Processing
• Terminal Risk Management
• Terminal Action Analysis
6. The Smart Card State, Operation 077, exits to the next state. This is
normally the Consumer Request State.
2-17
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
EXAMPLE
9. The Smart Card Function, Operation 077 retrieves the Smart Card data
from the Smart Card Buffer ID 077 and parses and stores the data.
10. Based on the Authorization Response Code, the terminal determines the
transaction is approved.
11. The ICC authenticates the Issuer Authentication Data, and the
authentication fails. The terminal sets the appropriate values based on
the failure.
12. The terminal then sends any Issuer Scripts to the ICC to be performed
before the request for a TC is issued.
15. The terminal sends any issuer scripts to the ICC to be performed after
the TC request.
16. The terminal does not process any remaining functions specified in the
912 Function Command.
17. The terminal issues a Solicited Fault Status indicating the failure to
complete the transaction, due to the invalid cryptogram response to the
request for a TC
The following steps apply after the Initial Transaction Flow, as described in
Section 2.4.1 or Section 2.4.2.
• Processing restrictions
• CVM List Processing
• Terminal Risk Management
• Terminal Action Analysis
2-18
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
5. The terminal treats the AAR as an offline denial and declines the
transaction.
The following steps apply after the Initial Transaction Flow, as described in
Section 2.4.1 or Section 2.4.2..
• Processing restrictions
• CVM List Processing
• Terminal Risk Management
• Terminal Action Analysis
The following steps apply after the Initial Transaction Flow, as described in
Section 2.4.1 or Section 2.4.2.
• Processing restrictions
• CVM List Processing
• Terminal Risk Management
• Terminal Action Analysis
2-19
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
All ICC transactions, which time-out while waiting on a Host response, must be
terminated utilizing the ICC Transaction Termination State.
This section provides information for configuring the terminal to accept EMV
Smart Card. It also provides information for each EMV Smart Card Interface
available.
2-20
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
The EMV terminal configuration is separated into three levels. From the most
specific to the least specific, the levels are, as follows:
Data in a more specific level takes precedence over data in a less specific level.
This gives a layered approach for the configuration, where data items at a
lower precedence can be overridden by data items at a more specific level. The
configuring of this data is described in the following sections.
This section discusses a general overview of the menu options and associated
buttons used in all the interfaces. However, a detailed description of the
Operation buttons are explained further in the Applications, Schemes and
General Settings sections.
• Applications
• Schemes
• General Settings
2.5.2 Using the Agilis Configuration Utility (ACU) to Configure EMV Terminal Data
The Agilis® Configuration Utility (ACU) is used to configure the terminal for
use of the EMV feature. Many settings are configured via ACU but most often
settings are configured via a download utilizing the message called Write
Command 19, Modifier A. The user needs to determine the best approach for
configuring the EMV data in their environment.
2.5.2.1 Overview
The tool is a Graphical User Interface (GUI) that allows you to configure the
EMV features.
NOTE
2-21
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
2. Refer to Figure 2-1 and use the following path to start the Agilis
Configuration Utility (ACU).
a. Select Start.
c. Select Diebold.
e. Select ACU.
2-22
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Refer to Figure 2-2 and select Agilis 91x. The Agilis 91x category
expands to a list of main elements, similar to those shown in Figure 2-3.
1. Once you have selected Agilis 91x, select Extended Features. A list of
features is displayed below the Extended Features selection (Figure 2-3).
2. Select EMV Chip Card from the list. The EMV Chip Card window
displays.
2-23
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
G6741002
4. Select the Add button at the bottom left corner and the Application
window expands. Selecting the Add button in the expanded Applications
window expands the EMV Tag window for data entry.
2-24
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
G6461EMVApp.jpg
Applications
Description Describes the Application ID. Example: Terminal Supported Application ID.
The description can be empty.
Application ID A 5 to 16 byte hex value (10 to Example: A00000000310
32 characters) that represents
an application ID on a card.
[1] EMV tags are not validated during device transactions. Insure that valid values are used for EMV tags.
2-25
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Example VISA
Next state A valid next state to continue Example: 026
processing when this
application is selected.
Default Label Default Label to be displayed. Example: MasterCard Debit
VISA Debit
National Standard Indonesian Chip Card
Interac Chip Card
2-26
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
2-27
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Example: 9F37049F0206
EMV Tag Valid EMV tags that can be Tag ID Example: 9F1A
set by the terminal.
Describes the Tag. The description can not be empty.
Value Example: 0840
In the Blocked Applications section, you can add, delete, and modify
application identifiers (AIDs) listed in the terminal’s blocked application
list.
2-28
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
G6741001
8. Click OK.
9. Select a blocked application in the list and click Modify to edit the
application details.
10. Select a blocked application in the list and click Remove to remove the
application from the list.
2-29
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
12. To modify the scheme information select a scheme from the list of
available schemes and click on the Modify button or double click on a
scheme.
G6461EMVSchemes.jpg
G6461SchemeEMV.jpg
Scheme
2-30
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
2-31
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Example: 9F37049F0206
2-32
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
2-33
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
CAUTION
G6461EMVGeneral.jpg
2-34
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
2-35
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Example: 9F37049F0206
Language Map This tag is used by the Automatic Example:
Language Selection state to If the terminal supports three languages (i.e., English,
determine the transaction's Spanish, and Hindi) that are setup as language banks
language based on the card 000, 001 and 002, respectively, then the language map is
data. set to en000es001hi002.
2-36
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
2-37
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Tag Description
8C[1] CDOL1
9F02 Amount Authorized, Numeric
9F03 Amount Other, Numeric
82 Application Interchange Profile
5A Application Primary Account Number
5F34 Application PAN Sequence Number
9F36 Application Transaction Counter
9F26 Application Cryptogram
9F34 CVM Results
9F27 Cryptogram Information Data
9F1E IFD Serial Number
9F10 Issuer Application Data
9F09 Application version Number, Terminal
9F33 Terminal Capabilities
9F1A Terminal Country Code
9F35 Terminal Type
95 TVR
57 Track 2 Equivalent Data
5F2A Transaction Currency Code
9A Transaction Date
9F41 Transaction Sequence Counter
9B Transaction Status Information
9C Transaction Type
9F37 Unpredictable Number
9F53 Transaction Category Code, MasterCard
Consecutive Transaction Limit (International), Visa (optional, read from ICC)
[1] Any tags in the value field of CDOL1, that are not already included in the appended data, will be
added to the appended data.
Tag Description
9F02 Amount Authorized, Numeric
9F03 Amount Other, Numeric
82 Application Interchange Profile
5A Application Primary Account Number
2-38
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Tag Description
9F36 Application Transaction Counter
9F27 Cryptogram Information Data
9F10 Issuer Application Data
5F34 Application PAN Sequence Number
9F1A Terminal Country Code
95 TVR
9F26 Application Cryptogram
5F2A Transaction Currency Code
9A Transaction Date
9B Transaction Status Information
9C Transaction Type
9F37 Unpredictable Number
8A Authorization Response Code
Tag Description
8C[1] CDOL1
9F02 Amount Authorized, Numeric
9F03 Amount Other, Numeric
82 Application Interchange Profile
9F36 Application Transaction Counter
9F26 Application Cryptogram
8A Authorization Response Code
9F27 Cryptogram Information Data
9F10 Issuer Application Data
5A Application Primary Account Number
5F34 Application PAN Sequence Number
9F1A Terminal Country Code
95 TVR
5F2A Transaction Currency Code
9A Transaction Date
9B Transaction Status Information
9C Transaction Type
9F37 Unpredictable Number
2-39
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Tag Description
5F24 Application Expiration Date
9F33 Terminal Capabilities
9F1C Terminal ID
9F35 Terminal Type
57 Track 2 Equivalent Data
Restricted TAGs
The Restricted TAGs are tags that may not be set through either the Write
Command 19, Modifier A messages, or ACU. This list is only a partial listing.
There may be other tags, specific to a Payment Scheme, that should not be set.
These tags may still be used by the system, but their values are either fixed, read
from the ICC or calculated at run time.
TAG DESCRIPTION
9F40 Additional Terminal Capabilities
81 Amount, Authorized (Binary)
9F02 Amount, Authorized (Numeric)
9F04 Amount, Other (Binary)
9F03 Amount, Other (Numeric)
9F26 Application Cryptogram
9F42 Application Currency Code
9F44 Application Currency Exponent
9F05 Application Discretionary Data
5F25 Application Effective Date
5F24 Application Expiration Date
94 Application File Locator
4F Application Identifier (AID) (ICC)
9F06 Application Identifier (AID) (Terminal)
82 Application Interchange Profile
50 Application Label
9F12 Application Preferred Name
5A Application Primary Account Number (PAN)
5F34 Application Primary Account Number (PAN) Sequence Number
87 Application Priority Indicator
2-40
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
TAG DESCRIPTION
9F3B Application Reference Currency
9F43 Application Reference Currency Exponent
61 Application Template
9F36 Application Transaction Counter (ATC)
9F07 Application Usage Control
9F08 Application version Number (ICC)
9F09 Application version Number (Terminal)
89 Authorization Code
8A Authorization Response Code
8C Card Risk Management Data Object List 1 (CDOL1)
8D Card Risk Management Data Object List 2 (CDOL2)
5F20 Cardholder Name
9F0B Cardholder Name Extended
8E Cardholder Verification Method (CVM) List
9F34 Cardholder Verification Method (CVM) Results
8F Certification Authority Public Key Index (ICC)
83 Command Template
9F27 Cryptogram Information Data
9F45 Data Authentication Code
84 Dedicated File (DF) Name
9D Directory Definition File (DDF) Name
73 Directory Discretionary Template
9F49 Dynamic Data Authentication Data Object List (DDOL)
BF0C File Control Information (FCI) Issuer Discretionary Data
A5 File Control Information (FCI) Proprietary Template
6F File Control Information (FCI) Template
9F4C ICC Dynamic Number
9F2D Integrated Circuit Card (ICC) PIN Encipherment Public Key Certificate
9F2E Integrated Circuit Card (ICC) PIN Encipherment Public Key Exponent
9F2F Integrated Circuit Card (ICC) PIN Encipherment Public Key Remainder
9F46 Integrated Circuit Card (ICC) Public Key Certificate
9F47 Integrated Circuit Card (ICC) Public Key Exponent
9F48 Integrated Circuit Card (ICC) Public Key Remainder
9F1E Interface Device (IFD) Serial Number
9F0D Issuer Action Code – Default
9F0E Issuer Action Code – Denial
9F0F Issuer Action Code – Denial
2-41
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
TAG DESCRIPTION
9F10 Issuer Application Data
91 Issuer Authentication Data
9F11 Issuer Code Table Index
5F28 Issuer Country Code
90 Issuer Public Key Certificate
9F32 Issuer Public Key Exponent
92 Issuer Public Key Remainder
86 Issuer Script Command
9F18 Issuer Script Identifier
5F50 Issuer URL
5F2D Language Preference
9F13 Last Online Application Transaction Counter (ATC) Register
9F14 Lower Consecutive Offline Limit
9F17 Personal Identification Number (PIN) Try Counter
9F38 Processing Options Data Object List (PDOL)
80 Response Message Template Format 1
77 Response Message Template Format 2
5F30 Service Code
88 Short File Identifier (SFI)
9F4B Signed Dynamic Application Data
93 Signed Static Application Data
9F4A Static Data Authentication Tag List
9F33 Terminal Capabilities
9F35 Terminal Type
95 Terminal Verification Results
9F1F Track 1 Discretionary Data
9F20 Track 2 Discretionary Data
57 Track 2 Equivalent Data
97 Transaction Certificate Data Object List (TDOL)
98 Transaction Certificate (TC) Hash Value
9A Transaction Date
99 Transaction Personal Identification Number (PIN) Data
9F41 Transaction Sequence Counter
9B Transaction Status Information
9F21 Transaction Time
9C Transaction Type
2-42
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
TAG DESCRIPTION
9F37 Unpredictable Number
9F23 Upper Consecutive Offline Limit
2-43
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
2-44
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Section 3
Agilis 3 91x® EMV Programmer Guide
3.1 Introduction
This section is a reference for personnel who need to integrate the application
with an existing automated teller machine (terminal) system, such as:
• Terminal programmers
• Host and controller programmers responsible for Terminal applications
• Diebold service representatives
3.2 Overview
3-1
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Status Codes
A list of the status codes that the EMV Smart Card Application can generate is
provided. The information includes the error condition that initiated the status
and its description.
3-2
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Code Conventions
Tables that show message formats use the following notational code conventions.
CODE DESCRIPTION
SYMBOLS
The Enhanced Smart Card State (SCb/) is able to provide Smart Card State-based
Operations in the state flow of the terminal. The Enhanced Smart Card State
is defined, as follows:
The Enhanced Smart Card State contents vary depending on the Operation. The
following sections detail the Enhanced Smart Card State definitions, based on
the Operation.
Interface Design
This section describes the Smart Card State interfaces, used by the host
programmer, to integrate the Smart Card functionality into the state flow.
3-3
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Operation
The Operation entry tells the terminal what Smart Card Operation to perform
during the State. The following valid Operation values for the Enhanced Smart
Card State for the EMV Smart Card Application are defined in Table 3-2.
Table 3-2 Smart Card State Operations Used for the EMV Smart
Card Application
Operation Description
The Operation entry in the State Data initiates an ICC Transaction Module which
performs the operation defined for that module. There is an ICC Transaction
Module for each Operation.
Smart Card State (SCb/), Operation 070, is used to implement the Begin ICC
Initialization State behavior. This operation is the first to be executed in order to
start an EMV transaction. Operation 070 kicks off asynchronous processing to
interface with the ICC. Refer to Table 3-3.
3-4
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
State Type
Valid Range: SCb/
Description: The State Type entry identifies the specific types of State Data
entries associated with a particular state number. The State Type entry is part
of the State Data.
Unit Number
Valid Range: 001
Description: The Unit Number of the Enhanced Smart Card State must be 001.
Operation
Valid Range: 070
Description: Operation number used to access the Begin ICC Initialization
functionality.
3-5
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
NOTE
Buffer To Clear
Valid Range: 000, 064 – 090 (‘@’, ‘A’ – ‘Z’), 256 – 355
Description: The ID of the buffer that is to be cleared. This buffer should align
with the buffer referenced in operation 073 to display the application name. A
value of ‘000’ indicates that no buffer is to be cleared.
Smart Card State (SCb/), Operation 071, is used to wait until the application
candidate list is built or ICC Initialization fails. This operation follows operation
070 and provides an opportunity to perform additional states while ICC
initialization is performed. Application Selection, operation 072, shall not be
performed until operation 071 completes. Refer to Table 3-4.
3-6
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
State Type
Valid Range: SCb/
Description: The State Type entry identifies the specific types of State Data
entries associated with a particular state number. The State Type entry is part
of the State Data.
Unit Number
Valid Range: 001
Description: The Unit Number of the Enhanced Smart Card State must be 001.
Operation
Valid Range: 071
Description: Operation number used to access the Complete ICC Initialization
functionality.
3-7
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
3.3.3 Smart Card State, Operation 072 - Begin Application Selection and Initialization
Smart Card State (SCb/), Operation 072, is used to implement the Begin Smart
Card Application Selection and Initialization functionality. Operation 072
provides for cardholder interaction to select the candidate application to use in
performing the transaction. This section describes the interface to be used by the
customer to incorporate this Smart Card operation into their state flow.
3-8
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
State Type
Valid Range: SCb/
Description: The State Type entry identifies the specific types of State Data
entries associated with a particular state number. The State Type entry is part
of the State Data.
Unit Number
Valid Range: 001
Description: The Unit Number of the Enhanced Smart Card State must be 001.
Operation
Valid Range: 072
Description: Operation number used to access the Begin ICC Application
Selection and Initialization functionality.
• The asterisk '*', is used as a place holder for characters in the application
name. All asterisks are replaced either by a character from the application
name or a space.
• Special sequences (&&S = Start, and &&E = End) are used to denote the
start and end of the application name display.
3-9
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
• Template data between &&S and &&E must be limited to the following:
• All other information that you wish to display with the application name
must be placed in the Cardholder selection screen or outside the application
name delimiters in the application name template screen.
EXAMPLE
Example 1:
&&S&&LJ|SIIA**********&&E
Example 2:
&&S&&RJ|SIIA**********&&E
Example 3:
|SIAJAPPLICATION
NAME&&S&&CD|SIBJ******|SICJ******&&E
3-10
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
NOTE
3-11
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
3.3.4 Smart Card State, Operation 073 - Complete Application Selection and Initialization
Smart Card State (SCb/), Operation 073, is used to implement the Complete ICC
Application Selection and Initialization State behavior. This operation ensures
the ICC application has been selected and the application data acquired before
the transaction continues. Refer to Table 3-7.
3-12
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
State Type
Valid Range: SCb/
Description: The State Type entry identifies the specific types of State Data
entries associated with a particular state number. The State Type entry is part
of the State Data.
Unit Number
Valid Range: 001
Description: The Unit Number of the Enhanced Smart Card State must be 001.
Operation
Valid Range: 073
Description: Operation number used to access the Begin ICC Application
Selection and Initialization functionality.
• The asterisk '*', is used as a place holder for characters in the application
name. All asterisks are replaced either by a character from the application
name or a space.
• Special sequences (&&S = Start, and &&E = End) are used to denote the
start and end of the application name display.
3-13
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
• Template data between &&S and &&E must be limited to the following:
• All other information that you wish to display with the application name
must be placed in the Cardholder selection screen or outside the application
name delimiters in the application name template screen.
EXAMPLE
Example 1:
&&S&&LJ|SIIA**********&&E
Example 2:
&&S&&RJ|SIIA**********&&E
Example 3:
|SIAJAPPLICATION
NAME&&S&&CD|SIBJ******|SICJ******&&E
3-14
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Smart Card State (SCb/), Operation 074, is used to implement the Automatic
Language Selection operation. Following a successful complete of Operation
071 (Complete ICC Initialization) or Operation 073 (Complete ICC Application
Selection and Initialization), the application uses Operation 074 to determine the
cardholder's language preference from the ICC data.
State Type
Valid Range: SCb/
Description: The State Type entry identifies the specific types of State Data
entries associated with a particular state number. The State Type entry is part
of the State Data.
Unit Number
Valid Range: 001
Description: The Unit Number of the Enhanced Smart Card State must be 001.
3-15
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Operation
Valid Range: 074
Description: Operation number used to access the Automatic Language Selection
functionality.
Smart Card State (SCb/), Operation 075, is used to reselect the current ICC
application. This operation allows for transaction chaining by reselecting the
current ICC application without requiring the cardholder to re-insert their card or
to select the ICC application.
State Type
Valid Range: SCb/
Description: The State Type entry identifies the specific types of State Data
entries associated with a particular state number. The State Type entry is part
of the State Data.
Unit Number
Valid Range: 001
Description: The Unit Number of the Enhanced Smart Card State must be 001.
Operation
Valid Range: 075
Description: Operation number used to access the ICC Reselect functionality.
3-16
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Sub-operation
Valid Range: 000
Description: Reselects the current application. This field automatically selects
the current ICC application so that transactions using the same application may
be chained within a single cardholder's session.
NOTE
3.3.7 Smart Card State, Operation 076 - Set ICC Transaction Data
Smart Card State (SCb/), Operation 076, is used to set ICC transaction data
elements. Refer to Table 3-10.
State Type
Valid Range: SCb/
Description: The State Type entry identifies the specific types of State Data
entries associated with a particular state number. The State Type entry is part
of the State Data.
3-17
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Unit Number
Valid Range: 001
Description: The Unit Number of the Enhanced Smart Card State must be 001.
Operation
Valid Range: 076
Description: Operation number used to access the Set ICC Transaction Data
functionality.
Buffer ID
Valid Range: 000, 064 – 090 (‘@’, ‘A’ – ‘Z’), 256 – 355
Description: Identifies the buffer where the data is stored. ‘000’ is used if the
data is not in a buffer.
Sub-operation
Valid Range: 000 – 001, 020 -022
Description: Identifies the sub-operation within operation 076, to perform.
NOTE
3-18
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
NOTE
Each hex digit of the TLV data must be placed in the state
as a Decimal character. Refer to Appendix A and use
Table A-1 through Table A-3 to convert from hex digit to
Decimal and identify the printable character.
3-19
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
EXAMPLE
Create Buffer State is used to set buffer 077 to "9F53015A". Smart Card,
Operation 076, sub-operation 000, then reads buffer 077, converts the buffer to
hex digits, parses the primitive TLV data and stores the tag and value.
110 @L 111077159083001090
111 SC 001076222333444077000
This uses the same TLV data as the example above, but uses sub-operation 001.
Sub-operation 001 retrieves the TLV data from the fields after the sub-operation
field, converts the data to hex digits, parses the primitive TLV data and stores
the tag and value.
111 SC 001076222333444000001159083001090
110 @L
111077119013159083001090095042002008096095054001002
111 SC 001076222333444077000
This uses the same TLV data as the example above, but uses sub-operation 001.
111 SC
001076222333444000001119013159083001090095042002008
096095054001002
RULES:
• You can only set one primitive tag and value at a time, if they are not
wrapped within a constructed tag.
• For this operation, you cannot have constructed tags within constructed tags.
3-20
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Smart Card State (SCb/), Operation 077, is used to perform various checks,
generate the first cryptogram and store Smart Card data to TCS buffer 077. This
data is added to the next Consumer Request. Refer to Table 3-11.
State Type
Valid Range: SCb/
Description: The State Type entry identifies the specific types of State Data
entries associated with a particular state number. The State Type entry is part
of the State Data.
Unit Number
Valid Range: 001
Description: The Unit Number of the Enhanced Smart Card State must be 001.
Operation
Valid Range: 077
Description: Operation number used to perform processing restrictions, card
holder verification, terminal risk management, terminal action analysis and card
action analysis. Card action analysis will result in the generation of either an
ARQC or AAC.
3-21
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Smart Card State (SCb/), Operation 078, is used to terminate a transaction when a
timeout occurs waiting on the host during Consumer Request processing. Refer
to Table 3-12.
State Type
Valid Range: SCb/
Description: The State Type entry identifies the specific types of State Data
entries associated with a particular state number. The State Type entry is part
of the State Data.
Unit Number
Valid Range: 001
Description: The Unit Number of the Enhanced Smart Card State must be 001.
Operation
Valid Range: 078
Description: Operation number used to perform the completion processing for
the EMV transaction.
Smart Card (SC b), operation, 079 Blocked Application Branch, is defined for
use in determining if there are any blocked applications acceptable for fallback
magnetic stripe transaction processing. This operation allows flexibility in
determining if the ‘No Usable Applications’ return from the Smart Card operation
071, Complete ICC Initialization, is a result of having no common applications
or having only common blocked applications.
3-22
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
If any blocked applications are identified, they are verified against a configured
terminal list of blocked applications. If the blocked applications on the card
match the blocked applications in the terminal application list, the operation
exits with Common Blocked Applications as the next state and the transaction
processing falls back to magnetic stripe transaction.
In case the blocked application on the card does not match the terminal’s list
of blocked applications, then the operation exits with No Common Blocked
Applications as the next state.
Table 3-13 provides a list of state definitions for Smart Card State (SC b),
Operation 079.
Table 3-13 State Definitions for Smart Card State (SC b), Operation 079
State Type
Valid Range: SC b
Description: The State Type entry identifies the specific types of State Data
entries associated with a particular state number. The State Type entry is part
of the State Data.
Unit Number
Valid Range: 001
Description: The Unit Number of the Enhanced Smart Card State must be 001.
3-23
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
3-24
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
The EMV terminal configuration data can be downloaded from the terminal (host)
driver by using Write Command 19, Modifier A, messages. The configuration
data is stored in the same XML file as the ACU configuration data.
The EMV terminal configuration is separated into three levels. From the most
specific to the least specific, the levels are as follows:
Data in a more specific level will take precedence over data in a less specific
level. This gives a layered approach for the configuration, where data items at a
lower precedence can be overridden by data items at a more specific level. The
format of this data is described in the following sections.
NOTE
This section provides a sample scenario for loading EMV configuration data into
the terminal configuration using Write Command 19, Modifier A.
The information sent down in Write Command 19, Modifier A, gives the terminal
the knowledge of what AIDs are supported and associated data. Several different
kinds of Data Identifiers can be used. They are as follows:
These message fields can be sent down individually or together. The terminal
must have one or more AIDs defined for smart card processing. An AID may be
sent down via Write Command 19, Modifier A, or defined via ACU.
3-25
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Modifier 'A' 1
Data[3] - - - Variable
The data is parsed based on the data identifier (AI, 2VS, 2MC, 2ID, 2IN and
3EMV) in the message. The data is validated and then stored for use by the
smart card application when processing an EMV transaction. If any of the
message content is invalid, the entire message is rejected and the previously
saved configuration is restored.
The following tables contain the format of the data elements associated with the
data identifiers for application (AI), scheme (2VS, 2MC, 2ID and 2IN), and
general EMV (3EMV) data.
The Data Identifier ‘AI' is used to signify that the Write Command contains
EMV Smart Card Application Identifier information which is used for EMV
transaction processing.
3-26
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
The Application Specific data are values that are associated with the Application
Identifier (AID) specified in the first field of the data. The value for a specified
tag associated with the AID overrides any value for the same tag set in the
Scheme Specific or General EMV data.
The following table and paragraphs describe the Application Identifier specific
fields.
3-27
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Application Identifier
Length: 10-32 hex characters
Valid Range: The Payment Schemes will define the valid AIDs.
Description: The Application Identifier indicates the 5-byte to 16-byte AID used
during the application selection process on the smart card. The binary data is
converted to 7-bit unpacked transmittable data, before being sent to the terminal.
Downloaded AIDs are for applications supported by both the terminal and Host.
Next State
Length: 3 characters
Valid Range: 000 - 250 or 256 - 999 or A00-ZZZ
Description: The Next State entry specifies the next state to perform if the
associated application is selected. The Next State data is used by the Complete
Application Selection and Initialization state when the ICC Application Select
and Initialization Successful Next State number equals 255. When the ICC
Application Select and Initialization Successful Next State number in Operation
073 is not equal to 255, Agilis 3 91x attempts to perform the specified ICC
Application Select and Initialization Successful Next State number.
Scheme Identifier
Length: Variable
Valid Range: ‘2VS' (VSDC), ‘2MC’ (M/Chip), ‘2ID’ (Indonesian Chip Card)
or ‘2IN’ (Interac Chip Card)
Description: This field represents the payment scheme with which this AID is
associated. It also associates this AID with any Scheme Specific data configured
for the terminal. Currently, these are the only defined scheme identifiers.
NOTE
3-28
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Tag
Length: Variable
Valid Range: Any valid EMV TLV tag, and Diebold-defined tags.
Description: Tag that identifies the data value in the next field. For TLV tags, the
tags must be converted to 7-bit unpacked transmittable data. The Diebold-defined
tags are sent in the format shown in the Diebold tags table.
The tags, and their data, are associated with the AID downloaded in this AID
record. Therefore, the tags should be the Diebold-defined tags, EMV tags or tags
defined by the Payment Scheme (VSDC, M/Chip, etc.) associated with the AID.
Some EMV and Payment Scheme tags and values cannot be set. These are
restricted tags and values which are either read from the ICC, specific to the
terminal, or entered by the customer during the transaction. For more information
on restricted tags, refer to Section 2.6 Table 2-8.
Value
Length: Variable
Valid Range: Valid values for the specified tag
Description: All values must be converted to 7-bit unpacked transmittable data,
even values that are defined as alphanumeric or alphanumeric special.
A 3BAI containing only the AID will clear the AID from the terminal’s blocked
applications list. On the other hand, a 3BAI data identifier, with one or more
AIDs and their associated application type, will add the AIDs to the blocked
applications list.
[2] These elements are optional as a group. They may be reproduced up to the maximum message size.
3-29
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Application Identifier
Length: 10-32 hex characters
Valid Range: The Payment Schemes will define the valid AIDs.
Description: The Application Identifier indicates the 5-byte to 16-byte AID
used during the blocked application test on the terminal. The binary data is
converted to 7-bit unpacked transmittable data before being sent to the terminal.
Typically, downloaded AIDs would identify Applications that have been blocked
on the ICC but the issuer wishes to either allow or not allow to be processed as a
magnetic stripe transaction.
Scheme Identifier
Length: Variable
Valid Range: ‘2VS' (VSDC) or ‘2MC' (M/Chip)
Description: This field represents the payment scheme with which this AID is
associated. Currently, these are the only defined scheme identifiers.
The Scheme Specific data are tags and values that are associated with transactions
for a particular Payment Scheme (VSDC, M/Chip, etc.). The value, for a
specified tag associated with the Payment Scheme, overrides any value for
the same tag, set in the EMV General data. The Data Identifier, for Scheme
(2VS, 2MC, 2ID, 2IN), provides a link to an AID through the Scheme Identifier
specified in the Application Specific data.
3-30
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
NOTE
Although these are the only defined scheme data identifiers, the
terminal could be configured for other schemes. Contact your
Diebold representative for further information.
Tag
Length: Variable
Valid Range: Any valid EMV, Payment Scheme TLV tag, and Diebold-defined
tags.. Refer to Appendix B.
Description: Tag that identifies the data value in the next field. For TLV tags, the
tags must be converted to 7-bit unpacked transmittable data.
Tag that identifies the data value in the next field. For TLV tags, the tags must
be converted to 7-bit unpacked transmittable data.
The tags, and their data, are associated with the Scheme downloaded in this
Scheme record. Therefore, the tags should be the Diebold-defined tags,
EMV tags or tags defined by the Payment Scheme (VSDC, M/Chip, etc.).
Section 2.6 Table 2-8.
Some EMV and Payment Scheme tags and values cannot be set. These are
restricted tags and values which are either read from the ICC, specific to the
terminal, or entered by the customer during the transaction. For more information
on restricted tags, refer to Section 2.6 Table 2-8.
Value
Length: Variable
Valid Range: Valid values for specified tag
Description: All values must be converted to 7-bit unpacked transmittable data,
even values that are defined as alphanumeric or alphanumeric special. Refer to
Table B -1 for details on the Diebold-defined tags.
The EMV General data are tags and values that are applicable to all EMV
transactions, regardless of AID or Payment Scheme. See the following example:
EXAMPLE
Since these values are the least specific, if a value for an identical tag is set at a
more specific level, it will override the value set at this level. The General EMV
data are described in the following paragraphs.
3-31
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Tag
Length: Variable
Valid Range: Any valid EMV, Payment Scheme TLV tag, and Diebold-defined
tags. Refer toAppendix B.
Description: Tag that identifies the data value in the next field. For TLV tags, the
tags must be converted to 7-bit unpacked transmittable data.
The tags, and their data, are associated with the General EMV data downloaded in
this record. Therefore, the tags should be the Diebold-defined tags or EMV tags.
Some EMV tags and values cannot be set. These are restricted tags and values
which are either read from the ICC, specific to the terminal, or entered by the
customer during the transaction. For more information on restricted tags, refer to
Section 2.6 Table 2-8.
Value
Value: Variable
Valid Range: Valid values for specified tag
Description: All values must be converted to 7-bit unpacked transmittable data,
even values that are defined as alphanumeric or alphanumeric special. Refer to the
Diebold Defined Tags table in Appendix B, for the valid values for these fields.
3-32
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Definitions:
FS – Field Separator
US – Unit Separator
• A Tag downloaded with an empty value causes the tag to be deleted from the
scope of the data identifier the tag is in. (e.g.; AI, 3EMV, 2VS, 2MC, 2ID or
2IN). Multiple tags can be deleted within one message.
EXAMPLE
The following will delete tag 9F1A from EMV (3EMV) General data.
3[FS][FS][FS]1A[FS]3EMV9F1A
The following will delete tag 9F1A from Visa (2VS) Scheme data.
3[FS][FS][FS]1A[FS]2VS9F1A
The following will delete tags 9F1A and 5F2A from MasterCard (2MC)
Scheme data. 3[FS][FS][FS]1A[FS]2MC9F1A[US][US]5F2A
EXAMPLE
The following will delete AID A0000000031010 and all its associated data.
3[FS][FS][FS]1A[FS]AIA0000000031010
This section describes how the Buffers to Follow ID, Buffer ID, and Buffer Data
fields of the Consumer Request Message are used to deliver EMV Smart Card
data to the host for EMV Smart Card transactions. Refer to the Agilis 3 91x
Terminal Programming Manual for the position and usage of these fields within
the Consumer Request Message.
The Smart Card fields shown in Table 3-17 are added to the message prior to the
Rollover Counts and MAC data, if either is present.
3-33
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Buffers to Follow ID
Field Size: 1
Valid Range: 9
Description: A 1-character field identifying the data that follows as a Buffer
ID followed by Buffer Data.
Buffer ID
Field Size: 3
Valid Range: 077 (Buffer 077 is reserved for Smart Card use.)
Description: A 3-character field identifying the data that follows as Smart Card
data
Buffer Data
Field Size: Limited only by the maximum length of a Consumer Request
Message
Valid Range:
Description: The contents of the variable length buffer field depends on the
Smart Card transaction requested. The format of the Consumer Request Smart
Card Buffer Data follows.
The following Consumer Request Smart Card Buffer Data Definition information
contains current Tagged and Non-tagged Elements supported in the Smart Card
data. The following table represents the Smart Card data for the Consumer
Request message.
3-34
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
AID Length
Field Size: 2 characters
Valid Range: Variable (10-32)
Description: Field represents the number of bytes in the AID, which immediately
follows this field. The length is specified as an ASCII representation of a decimal
value.
The following table displays the Tagged elements currently supported in the
Smart Card data. These elements are identified by their associated Tag and
NOT by position in the Smart Card data. These Tags are defined in the EMV
Specification, and Payment Scheme (VSDC, M/Chip, etc.) specific documents.
All tags defined in the DOL are sent in the message. Tag values may be empty.
3-35
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Table 3-19 Consumer Request (CREQ) Smart Card Tagged Elements (continued)
NOTE
NOTE
EXAMPLE
3-36
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
EXAMPLE
3-37
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
EXAMPLE
Unpacked = '4442443030303034'
Packed = 'DBD00004'
3-38
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
EXAMPLE
3-39
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
EXAMPLE
Unpacked = '5A'
Packed = 'Z'
Hosts that support the EMV Smart Card Application can use either of the
following Function Command message types, which support the Smart Card:
The Smart Card data shall be returned to the terminal in either of the function
command formats. The Smart Card Data is provided via an Update Buffers
function identifier, ’9’ that updates the reserved smart card data buffer, 077. The
smart card function processing is initiated by the Perform Function field ID, ‘:’
with Group ID ‘SC ‘, indicating a smart card function.
The Modified 912 function command incorporates the smart card data into the
Enhanced Configuration Data Field ID and Enhanced Configuration Data fields.
Two Enhanced Configuration Field ID values are used; `9`, Update Buffers;
`:`, Perform Function. Refer to Section 3.6.3 and Section 3.6.4 for the message
field content. The Execute Enhanced Functions function identifier, ‘;’, shall be
included first in the list of function identifiers. This function identifier causes
the Enhanced Configuration Field IDs, ‘9’ (Update Buffers) and `:` (Perform
Function) to be executed by the function command processing.
3-40
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
The Smart Card data is delivered using the Field ID '9' (Update Buffers) with the
Group ID (Buffer ID) specified as 'M'(077), which is reserved for Smart Card
use. The Smart Card data follows in the Buffer Data. The Smart Card Buffer
data contents shall be formatted as defined in the following function command
Smart Card Data Definitions. The following table shows the format of the data as
it is delivered in a Function Command.
Field ID
Valid Range: ’9’
Description: The Field ID identifies the following Group ID as a function to
be performed.
Group ID
Valid Range: ‘M’
Description: The Group ID entry identifies the function to be performed as the
Smart Card function.
Buffer Data
Valid Range:
Description: The contents of the variable length buffer field depends on the
Smart Card transaction requested. Refer to the following sections for the format
of the Function Command Smart Card buffer data.
The data elements, listed in the following table, are transmitted to the terminal
in the Modified 912 Function Command after a transaction has been approved
for completion. The approval transaction indicates that the financial transaction
has been approved. The security aspects of the approval message must still be
checked by the ICC. This means that the ARPC has been generated and is to be
processed by the ICC.
3-41
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
• "00" - Approved
• "10" - Approved for partial amount
• "11" - Approved (VIP)
3-42
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Authorization Code
Field Size: 0 or 12
Valid Range: Defined by the Payment Scheme. Refer to Payment Scheme
documentation.
Description: Field represents the Authorization Code received from the terminal
driver. This field shall be present if and only if the Authorization Response Code
indicates that the transaction has been approved.
NOTE
EXAMPLE
After a transaction has been denied and no ARPC was generated, the data
elements displayed in the following table are transmitted to the terminal.
3-43
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
3-44
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
NOTE
Operation 077 3
NOTE
Field ID
Valid Range: ’:’
Description: The Field ID identifies the following Group ID as a function to
be performed.
Group ID
Valid Range: SCb/
Description: The Group ID entry identifies the function to be performed as the
Smart Card function.
Unit Number
Valid Range: 001
Description: The Unit Number of the Enhanced Smart Card Function must be
001.
Operation
Valid Range: 077
Description: Operation number used to perform completion processing for an
EMV transaction. The Operation must be identical to the 3-digit numeric portion
of the Smart Card ID received in the Consumer Request Message which initiated
the transaction. Refer to Section 3.5 for details on the Smart Card Consumer
Request Message Operation.
EXAMPLE
'9''M'Smart Card Data:1C':'SC 001077
3-45
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Operation 077
The first Enhanced Configuration Data Field ID ('9`) specifies the enhanced
function ID, Update Buffer, and its associated data. The Group ID provides the
buffer to update. The remaining data up to the Field Separator is the buffer data.
The format for the remaining Enhanced Configuration Data always follows the
definition specified for the Enhanced Function Command for the 3-byte ID. For
this example, the buffer 'M' is being updated with the Smart Card Data.
The second Enhanced Configuration Data Field ID (':`) specifies the enhanced
function ID, Perform Function, and the associated function to perform. The
Group ID provides the Enhanced Function to perform and its associated data.
This data is handled by Agilis 3 91x as an Enhanced Command. The format of
the remaining Enhanced Data always follows the definition specified for the
Enhanced Function Command for the 3-byte ID. The Device ID is SCb/, which
represents a Smart Card Operation. The Function Data for the Smart Card device
is defined on a per operation basis. For more information on the format of the
Enhanced Data, refer to Section 3.6.4.
NOTE
The EMV Smart Card Application uses the modified 912 solicited status message
to deliver Smart Card completion data to the terminal driver. The enhanced
'J' status message delivers Smart Card fault data to the terminal driver. The
Smart Card status data shall contain the application identifier length, application
identifier, number of tagged elements, and number of untagged elements. Tagged
and untagged elements are returned in unit separated tag and value pairs.
The format of the solicited status message used to deliver Smart Card completion
data is shown in Table 3-23.
3-46
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Table 3-24 displays the format of the Enhanced Fault Status Message.
Device Identifier
Valid Range: SV71, SV72, SV73, SV76, SV77, or SV78
Description: The device identifier specifies the smart card module the status was
generated in. Refer to the smart card status tables for complete status listings.
Unit Number
Valid Range: 3 colon (:) separated digit pairs
Description: The status specifies the smart card fault that occurred. Refer to the
smart card status tables in Section 3.9 for complete status listings.
3-47
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Conditions
The following three conditions can occur:
• Approval - returns a TC
AID Length
Field Size: 2 characters
Valid Range: 10 - 32
Description: Field represents the number of alphanumeric bytes in the AID,
which immediately follows this field. The length is specified as an ASCII
representation of a decimal value.
3-48
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
The table below displays a list of the default Smart Card Tagged Elements
currently in the Smart Card data. These elements are to be identified by their
associated Tag and not by position in the Smart Card data. These Tags are
defined in the EMV Specification. All tags defined in the DOL are sent in the
message. Tag values may be empty.
NOTE
3-49
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
EXAMPLE
3-50
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
EXAMPLE
3-51
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
The table below displays a list of the Smart Card Non-tagged Elements currently
supported in the Smart Card data. These elements are to be identified by their
associated 2-byte Data Identifier and not by position in the Smart Card data.
NOTE
3-52
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Sub-fields:
Number of Issuer Scripts:
Fields Size: 2 characters
Valid Range: 00 - 99
Description: Field represents the number of Issuer Script Results, which
immediately follows this field. The length is specified as an ASCII representation
of a decimal value.
The EMV Smart Card Application requires the utilization of the Enhanced 912
Unsolicited 'J' Status Message to report Smart Card Unsolicited Statuses to the
terminal driver.
Table 3-28 displays the format of the Enhanced 912 Unsolicited 'J' status,
including the fields used to deliver Smart Card content.
3-53
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Device Identifier
Valid Range: SV71, SV72, SV73, SV76, SV77, or SV78
Description: The device identifier specifies the smart card module the status was
generated in. Refer to the smart card status tables in Section 3.9 for complete
status listings.
Status
Valid Range: 3 colon (:) separated digit pairs
Description: The status specifies the smart card fault that occurred. Refer to the
smart card status tables in Section 3.9 for complete status listings.
When the terminal or Smart Card denies the consumer transaction, an Unsolicited
Status message, containing an AAC (Application Authentication Cryptogram),
is generated. Smart Card data will only be included in an Unsolicited Status
message when a fault occurs during processing of Smart Card Operation 077
following completion of Application Initialization.
The following table displays the data contained in the Smart Card buffer added to
the Unsolicited Status response
AID Length
Field Size: 2 characters
Valid Range: Variable (10 - 32 characters)
Description: Field represents the number of bytes in the AID, which immediately
follows this field. The length is specified as an ASCII representation of a decimal
value.
3-54
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
The table below displays a list of the Smart Card Tagged Elements data, which
are identified by their associated Tag and not by their position. These Tags are
defined in EMV version 4.1 or later. All tags defined in the DOL are sent in the
message. Tag values may be empty.
3-55
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
NOTE
NOTE
EXAMPLE
3-56
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
3-57
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
EXAMPLE
3-58
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
This section presents the error status codes generated by the EMV Smart Card
Application. The status codes are sent to the host in unsolicited status messages
and may be sent to the journal printer. All error messages are logged in the
system logging utility.
Statuses
This section defines the status codes generated by Smart Card State, Operation
071
3-59
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Table 3-31 Smart Card State, Operation 071 Status Codes (continued)
Statuses
This section defines the status codes generated by Smart Card State, Operation
072.
Statuses
This section defines the status codes generated by Smart Card State, Operation
073.
3-60
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Table 3-33 Smart Card State, Operation 073 Status Codes (continued)
Statuses
This section defines the status codes generated by Smart Card State, Operation
076.
Statuses
This section defines the status codes generated by Smart Card State, Operation
077.
3-61
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Statuses
This section defines the status codes generated by Smart Card State, Operation
078.
NOTE
This section presents the error status codes generated by the EMV Smart Card
Application. The status codes are sent to the host in solicited status messages
and may be sent to the journal printer. All error messages are logged in the
system logging utility.
This section defines the status codes generated by Smart Card Function
Processing.
3-62
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
NOTE
This section defines the status codes generated by Issuer authentication Failure.
Transaction Accepted
Status Description Explanation
77:0D:01 Card Data Error Card Data error was returned from kernel during
Completion processing function
77:0D:02 Bad Call Invalid function call made for Completion processing
77:0D:03 I/O Error Completion processing fails due to I/O error
3-63
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Transaction Accepted
Status Description Explanation
77:0D:04 Misc Error An unknown error caused the Completion Processing
to fail
77:0D:05 Invalid Input Data Completion processing fails due to Invalid Input data
format
77:0D:06 Invalid Decision Completion processing fails due to Invalid decision
parameter.
Transaction Denied
Status Description Explanation
77:0E:01 Card Data Error Card Data error was returned from kernel during
Completion processing function
77:0E:02 Bad Call Invalid function call made for Completion processing
77:0E:03 I/O Error Completion processing fails due to I/O error
77:0E:04 Misc Error An unknown error caused the Completion Processing
to fail
77:0E:05 Invalid Input Data Completion processing fails due to Invalid Input data
format
77:0E:06 Invalid Decision Completion processing fails due to Invalid decision
parameter.
This section defines the status codes generated by Finalize Transaction Failed.
3-64
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Card Denied
Status Description Explanation
77:10:01 Transaction declined Host accepted the transaction initially but card rejected it
Function Fault
Status Description Explanation
77:FF:01 Misc Error An unknown error occurred during Smart Card Function
processing
This section defines the status codes generated by Pin Management Script Failure.
3-65
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
3-66
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Appendix A
Hex/Decimal/Character Values
Refer to Table A-1 through Table A-3 to convert from hex digit to Decimal and
identify the printable character.
Table A-1 Hex/Decimal/Character Values (Hex 00 / Dec 000 through Hex 4D / Dec 077)
A-1
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Table A-2 Hex/Decimal/Character Values (Hex 4E / Dec 078 through Hex B3 / Dec 179)
A-2
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Table A-3 Hex/ Decimal /Character Values (Hex B4 / Dec 180 through Hex FF / Dec 255)
C1 193 Á E1 225 á
C2 194 Â E2 226 â
C3 195 Ã E3 227 ã
C4 196 Ä E4 228 ä
C5 197 Å E5 229 å
C6 198 Æ E6 230 æ
C7 199 Ç E7 231 ç
C8 200 È E8 232 è
C9 201 É E9 233 é
CA 202 Ê EA 234 ê
CB 203 Ë EB 235 ë
CC 204 Ì EC 236 ì
CD 205 Í ED 237 í
CE 206 Î EE 238 î
CF 207 Ï EF 239 ï
D0 208 Ð F0 240 ð
D1 209 Ñ F1 241 ñ
D2 210 Ò F2 242 ò
D3 211 Ó F3 243 ó
A-3
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
A-4
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Appendix B
Write Command 19 Modifier A Message with Diebold Defined Tags
EXAMPLE
NCREQ_DOL[:1F]9F019F159F1697
This would add Acquirer ID (9F01), Merchant Category Code (9F15), Merchant
Identifier (9F16), and TDOL from ICC (97) to the Smart Card data sent in the
Consumer Request for EMV transactions for the specified scheme.
B-1
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
B-2
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Appendix C
EMV PIN Management Transactions
The PIN Change transaction flow may be designed to allow the card holder to
enter a new PIN and then the transaction flow sends the new PIN to the host
updating the cardholder's online PIN. The host would respond with a function
command containing the EMV cryptogram, an authorization response code of
85, and an issuer script to change the offline PIN to match the online PIN. The
function command also causes additional processing to be performed to ensure
that the offline PIN is changed.
If any EMV functionality fails while processing the function command, the
terminal sends a solicited status with a device identifier of SVA7 to the host
indicating that the transaction failed. The host then has to rollback the online PIN
change and notify the card holder that the PIN change failed.
If any EMV functionality fails while processing the function command, the
terminal sends a solicited status with a device identifier of SVA7 to the host
indicating that the transaction failed. The host then has to rollback the online PIN
change and notify the card holder that the PIN change failed.
If either of these criteria are not met, the transaction is not recognized as a
PIN Management transaction and will not receive the additional processing
outlined above. Refer to the Visa PIN Management document in Section 2.1.3
for additional details on PIN Management transactions.
C-1
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
C-2
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Appendix D
EMV MasterCard PIN Unblock Transaction
The PIN Unblock transaction is designed to allow the card holder to insert/swipe
the card to unblock the PIN. The card issues an AAC when requesting for an
ARQC, which is a normal behavior because the card is blocked.
When the card issues an AAC, EMV Data elements are still available with the
terminal and the terminal can send this data within a Consumer Request message
(CREQ) to the card.
The 9C Transaction Type tag, generated by the Host, can have values in the range
of 90-99. The 9C tag value configured in the ACU will also be in the range of
90-99, with the default value being 91.
The Host sends the Issuer script in a function command to unblock the PIN.
The terminal accepts the function command and processes the Issuer script to
unblock the PIN.
D-1
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
D-2
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B
PRELIMINARY - DRAFT COPY
Mon Dec 05 12:28:22 2011
Appendix E
EMV MasterCard Balance Enquiry Transaction
For a MasterCard Balance Enquiry transaction, the terminal must ask the card
for an Application Authentication Cryptogram (AAC) at the second Generate
AC command.
• The terminal performs a normal chip transaction, using the online PIN as the
CVM, and sends the PIN for authorization.
• During state flow, the Host sets the 9C (Transaction Type) tag to have a
value of 30 to identify a Balance Enquiry transaction.
• The terminal will process the function command sent by the Host and reply
with the Ready 9 solicited status.
E-1
CONFIDENTIAL - Trade Secret Material
Copyright ©Diebold, Incorporated (7/2010, 12/2011) - All Rights Reserved
TP-821446-001B