Professional Documents
Culture Documents
RuPay Chip Terminal Implementation Requirements Guide - v1.1
RuPay Chip Terminal Implementation Requirements Guide - v1.1
RuPay Chip Terminal Implementation Requirements Guide - v1.1
Implementation
Requirements Guide
Version – V1.1
1 Introduction ......................................................................................................................... 9
1.1 Audience ................................................................................................................................. 9
1.2 Scope of the Document .......................................................................................................... 9
1.3 Document Organization .......................................................................................................... 9
1.3.1 Naming Conventions ....................................................................................................... 9
1.3.2 Acronyms ...................................................................................................................... 10
1.3.3 Reference Materials ...................................................................................................... 11
2 RuPay Chip Card Program ................................................................................................... 12
3 Payment Transaction Overview........................................................................................... 13
4 Message types supported for RuPay ................................................................................... 14
5 Data Elements pertaining to RuPay Chip Transaction ........................................................... 15
5.1 DE#22 – PoS Entry Code........................................................................................................ 15
5.2 DE#23 – Card Sequence Number .......................................................................................... 15
5.3 DE#35 – Track 2 Data Element .............................................................................................. 16
5.4 DE#39 – Response Data ........................................................................................................ 16
5.5 DE#55 – Chip Data................................................................................................................. 17
5.6 DE#61 – PoS Data Code......................................................................................................... 23
6 RuPay Chip EMV Transaction Cycle @ Point of Sale (PoS) ..................................................... 24
6.1 Step 1: Application Selection ................................................................................................ 25
6.1.1 Terminal Data Elements and other Relevant Terms ..................................................... 26
6.1.2 Technical Processing ..................................................................................................... 28
6.1.3 Commands .................................................................................................................... 30
6.1.4 RuPay Implementation Requirements .......................................................................... 30
6.2 Step 2: Initiate Application Processing ................................................................................. 31
6.2.1 Terminal Data Elements and other Relevant Terms ..................................................... 32
6.2.2 Technical Processing ..................................................................................................... 33
6.2.3 Commands .................................................................................................................... 34
6.2.4 RuPay Implementation Requirements .......................................................................... 34
6.3 Step 3: Read Application Data .............................................................................................. 34
6.3.1 Terminal Data Elements and Other Relevant Terms .................................................... 35
LIST OF FIGURES
1.1 Audience
This Guide is primarily intended for Acquirers, terminal manufacturers and vendors,
3rd party processors, and / or other entities responsible for implementing the NPCI
RuPay Chip Card program on the Acquiring side.
1. The cardholder swipes his card on the Point of Sale machine at the merchant outlet
2. The PoS creates a financial transaction message and forwards the same to the Acquirer Host
system
3. The Acquirer system, after performing the validation tests identifies if the transaction is On-
Us i.e. if the card is issued by the Acquirer itself. If yes, then the transaction is authenticated
and authorized by the Acquiring Bank Authorization Host itself
4. If the transaction is Off-Us i.e. the card belongs to some other issuer, the Acquirer forwards
the transaction to NPCI which in turn will route the request to the Issuer
5. The Issuer will then authorize the transaction and send back the response to NPCI
6. NPCI will then route the transaction response back to the Acquirer which in turn will forward
the same to the PoS terminal
7. The merchant and the cardholder will be informed about the status of the transaction –
Approved or Declined – by the message displayed in the PoS Screen
1. Authorization message
2. Financial message
3. Reversal message
4. Network management message
The detailed specifications of these message formats are available in RuPay PoS Switching
Interface Specification manual
Format Fixed
Requirement In case of Chip, the first two digits should indicate the usage of
chip with either of the following values depending upon the
condition given
When POS Entry Mode is chip, all data for the transaction
must be fetched from the Chip. The device shall use the Track
2 Equivalent Data from the chip instead of reading the same
form magnetic strip
05 ICC used
Format Fixed
Field Separator
Service Code
Discretionary Data
For RuPay Chip Card Transactions (POS Entry Capability = 05 or 95), this field shall
contain the Track 2 equivalent data read from the Chip Card (EMV tag ‘57’) and EMV
tag 57 will not be carried in DE 55.
Format Fixed
Response Codes present in the response in case of Chip transactions declined by the
Issuer are as below –
Format LLLVar
Description This field contains the relevant chip information required for
processing the chip transaction. The information is present
as EMV Tags encoded in Tag-Length-Value (TLV) format
0100 / 0200
0110 / 0210
0120 / 0220
0130 / 0230
EMV
Format
Length
0420
0430
# Tag Name Usage
Tag
9F02
1. Amount 6 n 12 M - M - M - Authorized
Authorized amount of the
transaction
(excluding
adjustments)
9F03
2. Amount 6 n 12 C - C - C - Mandatory if cash
Other over (cash back)
transaction OR if
input to
application
cryptogram
(ARQC/TC/AAC)
calculation.
9F26
3. Application 8 b M - M - M - Cryptogram
Cryptogram returned by the
ICC in response of
the GENERATE AC
command
9F06
4. Application 5-16 b O - O - O - Identifies the
Identifier application as
(AID) – described in
Terminal ISO/IEC 7816-5
82
5. Application 2 b M - M - M - Indicates the
Interchange capabilities of the
Profile (AIP) card to support
specific functions
in the application
9F36
6. Application 2 b M - M - M - Counter
Transaction maintained by the
Counter application in the
(ATC) ICC (incrementing
the ATC is
0110 / 0210
0120 / 0220
0130 / 0230
EMV
Format
Length
0420
0430
# Tag Name Usage
Tag
managed by the
ICC)
9F07
7. Application 2 b O - O - O - Indicates issuer‘s
Usage specified
Control restrictions on the
geographic usage
and services
allowed for the
application
9F27
8. Cryptogram 1 b M - M - M - Indicates the type
Information of cryptogram and
Data (CID) the actions to be
performed by the
terminal
9F34
9. CVM Results 3 b O - O - O - Indicates the
results of the last
CVM performed
84
10. Dedicated 5-16 b O - O - O - Identifies the
File Name name of the DF as
described in
ISO/IEC 7816-4
9F1E
11. Interface 8 an 8 O - O - O - Unique and
Device (IFD) permanent serial
Serial number assigned
Number to the IFD by the
manufacturer
9F10
12. Issuer Var. b M - M - M - Contains
Application up proprietary
Data (IAD) to application data
32 for transmission to
the issuer in an
online transaction
0110 / 0210
0120 / 0220
0130 / 0230
EMV
Format
Length
0420
0430
# Tag Name Usage
Tag
91
13. Issuer 8-16 b - C - - - - Data sent back to
Authenticati the ICC as
on Data response data for
online issuer
authentication.
Mandatory for
online successful
transactions OR if
any script/s are
sent to the card by
the issuer
9F5B
14. Issuer Script Var. b - - C - C - Present if scripts
Results Up were sent by
to issuer in original
25 response
71
15. Issuer Script Var. b - C - - - - Contains
Template 1 up proprietary issuer
to data for
127 transmission to
the ICC before
issuing the second
GENERATE AC
command. Present
if sent by Issuer
72
16. Issuer Script Var. b - C - - - - Contains
Template 2 up proprietary issuer
to data for
127 transmission to
the ICC after
completion of the
second GENERATE
AC command.
Present if sent by
Issuer
0110 / 0210
0120 / 0220
0130 / 0230
EMV
Format
Length
0420
0430
# Tag Name Usage
Tag
9F09
17. Terminal 2 b O - O - O - Version number
Application assigned for the
Version application
Number
9F33
18. Terminal 3 b M - M - M - Indicates the
Capabilities capabilities of the
terminal, like card
data input
method, CVMs,
security functions
etc..
9F1A
19. Terminal 2 n3 M - M - M - Indicates the
Country country of the
Code terminal,
represented
according to ISO
3166
9F35
20. Terminal 1 n2 O - O - O - Indicates the
Type environment of
the terminal, its
communications
capability, and its
operational
control
95
21. Terminal 5 b M - M - M - Status of the
Verification different functions
Results (TVR) as seen from the
terminal
5F2A
22. Transaction 2 n3 M - M - M - Indicates the
Currency currency code of
Code the transaction
according to ISO
4217
0110 / 0210
0120 / 0220
0130 / 0230
EMV
Format
Length
0420
0430
# Tag Name Usage
Tag
9A
23. Transaction 3 n6 M - M - M - Local date that the
Date YYM transaction was
MD authorized
D
9F41
24. Transaction 2-4 n 4- O - O - O - Counter
Sequence 8 maintained by the
Counter terminal that is
incremented by
one for each
transaction
9C
25. Transaction 1 n2 M - M - M - Indicates the type
Type of financial
transaction,
represented by the
first two digits of
the ISO 8583:1987
Processing Code.
9F37
26. Unpredictabl 4 b M - M - M - Random number
e Number generated by
terminal for each
transaction.
4F
27. ICC Vari B O - O - O - ADF name (AID)
Application able returned by ICC, as
ID (…1 read from
6) directory file, in
template 61
* In case of any difference between the above table as presented in this manual and in the RuPay-
online switching interface specification, the table presented in RuPay- online switching interface
specification will take precedence.
Format LLLVar
Requirement In case of Chip, the subfields 1, 7 and 9 of this field can have
a combination of either of the following values depending
upon the condition given
4 Offline Chip
Figure 3 - Process for Application Selection (Part 1 of 2: Building the Candidate list)
A list of other relevant terms that are introduced during Application Selection is
provided below. These terms relate to EMV functionality and chip card processing.
DIRECTORY METHOD:
The chip card has a Payment System Environment (PSE) application
which contains list of all the payment applications supported by the
card. For more details and examples on this, see Annex C of EMV 4.2
Book 1ICC to Terminal Interface
The terminal issues a SELECT command for the PSE, and then issues the
READ RECORD command to obtain each record in the Payment System
Directory. It may have to repeat this process if any of the records
contain additional DDFs
If the PSE is blocked or if there were no applications added to the
candidate list, the terminal then attempts to build the candidate list via
the List of AIDs Method
The terminal adds an AID to candidate list for which successful response is
received from the card to the SELECT command issued by the terminal. The
application is added to the candidate list when either the AID provided by
the chip card is an exact match to the AID in the terminal, or when the AID in
the terminal matches the initial bytes of the chip card’s AID and the
Application Selection Indicator (ASI) in the terminal for that AID indicates
that partial matching is allowed.
If the card is blocked or if certain conditions are not met, the transaction can
be terminated during this transaction step. See EMV 4.2 Book 1ICC to
Terminal Interface for a full description of these conditions.
6.1.3 Commands
SELECT
This command is used by the terminal in both phases of Application Selection.
During the first phase “Building the Candidate List,” it is used to: (1) select the
Payment System Directory, (2) select additional DDFs, or (3) select the AID.
During the second phase “Final Selection”, the SELECT command is used to
select the AID.
This command must be performed as described in Section 11 of EMV 4.2 Book1
ICC to Terminal Interface
READ RECORD
This command is used by the terminal to read the Payment System Directory or
other DDF records. This command must be performed as described in Section 11
of EMV 4.2 Book1 ICC to Terminal Interface
AID Application
Version Number
A0000005241010 0064
A0000001523010 0001
A0000000651010 0200
Amount Authorized
Terminal Capabilities
Terminal Type
Transaction Date
Transaction Type
A list of other relevant terms that are introduced during Application Selection is
provided below. These terms relate to EMV functionality and chip card processing.
Application File AFL A list identifying the files and records to be used in
Locator the processing of a transaction.
If a PDOL was present in the FCI data of the selected application, the terminal also
constructs the PDOL data as described in Section 5.4 of EMV 4.2 book 3 Application
Specification.
The terminal then sends the GET PROCESSING OPTIONS command to the chip card.
If requested, the PDOL data is included with the GET PROCESSING OPTIONS
command. If the requested PDOL data included an amount field that the terminal is
unable to provide at this stage in the transaction, the relevant amount field is
populated with hexadecimal zeros.
In response to the GET PROCESSING OPTIONS command, the chip card returns the
AIP and AFL to the terminal. If the chip card returns an error, the terminal returns to
Step 1: Application Selection and the application is removed from the candidate list.
Otherwise, the transaction moves to Step 3: Read Application Data.
6.2.3 Commands
GET PROCESSING OPTIONS
This command is used by the terminal to inform the chip card that transaction
processing is starting, and to provide any data requested in the PDOL. This
command must be performed as described in Section 6.5 of EMV 4.2 Book 3
Application Specification.
6.3.3 Commands
READ RECORD
This command is used by the terminal to read the records indicated by the AFL.
This command must be performed as described in Section 6.5 of EMV 4.2 Book 3
Application Specification
This algorithm involves creation of key pairs (public & private) using a mathematical
formation which links the generated key pair with each other. A key is a binary value
that is used as part of an algorithm to encrypt or decrypt data. The three types of
Rivest, Shamir & Adleman (RSA) key pairs used during this process are the Certificate
Authority Keys (CA), the Issuer Keys, and the ICC Keys. The CA key pairs are created
by scheme. The public key components of the generated key pairs are stored in the
terminal. The Issuer Public Keys and the ICC Public Keys are generated by the issuer
and placed on the chip card during personalization.
The three types of offline data authentication are Static Data Authentication (SDA),
Dynamic Data Authentication (DDA) and Combined Dynamic Data Authentication /
Application Cryptogram Generation (CDA). The method performed depends on the
capabilities of the chip card and terminal.
The results of Offline Data Authentication are stored in the TVR for use later in the
transaction.
Yes
Were the keys
successfully
recovered?
No
Transaction
moves to
processing
restriction
Figure 7 - Process flow for Offline Data Authentication (Part 1 of 3: Process Overview)
No
No
Transaction
moves to
processing
restriction
No
Terminal sends INTERNAL
AUTHENTICATE command Terminal uses default DDOL
No
Transaction
DDA Fails so the terminal
moves to
sets the relevant TVR and
processing
TSI bit as per EMV
restriction
A list of other relevant terms that are introduced during Offline Data Authentication is
provided below. These terms relate to EMV functionality and chip card processing.
If a terminal does not support Offline Data Authentication, it sets the relevant TVR /
TSI bits as per EMV and moves to Step 5: Processing Restrictions.
The terminal examines the AIP obtained during Initiate Application Processing to
identify the types of Offline Data Authentication that the chip card supports. The
terminal then compares the methods in the AIP to the methods that it supports. The
terminal chooses the highest mutually supported method. CDA has the highest
priority, followed by DDA and lowest being the SDA. If the chip card does not
support Offline Data Authentication, or if data required for Offline Data
Reads the RID and the CA PKI from the chip card data
Identifies which of its stored CA PKs should be used
Uses the CA PK to recover the Issuer Public Key from the Issuer Public
Key Certificate
Uses the Issuer Public Key to recover the ICC Public Key from the ICC
Public Key Certificate
Issues an INTERNAL AUTHENTICATE command to the chip card to obtain
the dynamic signature, the signed dynamic authentication data
o The INTERNAL AUTHENTICATE command also includes the data
requested by the chip card during Read Application Data in the
DDOL
o If the chip card did not contain a DDOL, the terminal’s default
DDOL is used
o The DDOL must include the Unpredictable Number. If it does
not, DDA fails
Receives the dynamic signature from the chip card and validates it with
the ICC Public Key
Sets the relevant TVR and TSI bits as per EMV and moves to Step 5:
Processing Restrictions
Reads the RID and the CA PKI from the chip card data
Identifies which of its stored CA PKs should be used
Uses the CA PK to recover the Issuer Public Key from the Issuer Public
Key Certificate
Uses the Issuer Public Key to recover the ICC Public Key from the ICC
Public Key Certificate
If any step fails, the terminal sets the relevant TVR and TSI bits as per
EMV and no further CDA processing is performed
If the keys are recovered successfully, the remainder of CDA is
performed starting in Section 6.8, Step 8: First Terminal Action Analysis.
The terminal then moves to Step 5: Processing Restrictions
6.4.3 Commands
INTERNAL AUTHENTICATE
This command is used by the terminal to request the chip card to generate the
signed dynamic authentication data. The command includes the data elements
that are detailed in the DDOL, which must include the Unpredictable Number.
This command must be performed as described in Section 6.5 of EMV 4.2 Book3
Application Specification
The results of Processing Restrictions are stored in the TVR for use later in the
transaction. The chip card is not directly involved in this step.
No
Terminal compares
transaction to AUC rules
Yes
Are there any Terminal sets the relevant
restrictions? TVR bit as per EMV
No
Yes
Is the Chip Terminal sets the relevant
Card expired? TVR bit as per EMV
No Transaction
moves to
Cardholder
verification
A list of other relevant terms that are introduced during Processing Restrictions is
provided below. These terms relate to EMV functionality and chip card processing.
6.5.3 Commands
There are no commands used in this transaction step.
No
Is the CVM
Terminal reviews the next supported and
Yes Terminal performs CVM (See
CVM on the chip card’s list allowed for this separate flow for PIN processing)
transaction?
No
Was CVM Yes The terminal sets the relevant TVR/TSI
processing
bits as per EMV
successful?
No
Are there any Yes Does the CVM list CVM processing fails so that the Transaction moves
Yes No
CVM left in the allow processing terminal sets the relevant TVR and to processing
CVM list? of another CVM? TSI bit as per EMV restriction
No
Figure 11 - Process flow for Cardholder Verification (Part 1 of 2: CVM List Processing)
Confidential RuPay CHIP-Acquiring Requirements Guide Page 50 of 117
Figure 12 - Process flow for Cardholder Verification (Part 2 of 2: PIN Processing)
Cardholder CVM Results Indicates the results of the final CVM performed.
Verification
Method Results
Enciphered PIN Transaction PIN enciphered at the PIN pad for online
Data (if online verification or for offline verification if the PIN pad
PIN is supported) and terminal are not a single integrated device.
Transaction PIN Data entered by the cardholder for the purpose of the
Data PIN verification.
List of other relevant terms that are introduced during Cardholder Verification is provided
below. These terms relate to EMV functionality and chip card processing.
Cardholder CVM Method used to ensure that the person presenting the
Verification ICC is the person to whom the card was issued.
Method
The terminal begins by checking the AIP to determine whether the application
supports Cardholder Verification. If supported, there are 2 parts to the process:
Part I: Determining which CVM to perform – The terminal determines which CVM
to use
Part II: Performing the CVM – The terminal performs the CVM and stores the results
Online PIN
Offline plaintext and / or enciphered PIN
Signature
Combined offline PIN and signature
No CVM required
The terminal first examines the CVM list to determine which CVM to use for
the transaction. Each entry on the list contains the type of CVM, a condition
code indicating when the CVM is to be performed (e.g., “Always” or “If
Cash”), and a flag indicating whether another CVM may be attempted if the
CVM fails. In some cases, terminal or card data elements may also be
utilized in combination with the condition code to determine whether the
CVM is allowable for the transaction, e.g., Amount, Authorized or
Application Currency Code. See Annex C of EMV 4.2 Book3 Application
Specification for the CVM Condition Codes.
The terminal reviews each CVM starting with its condition code. If it
determines that a CVM is recognized and, by comparing it to the Terminal
Capabilities, supported, it moves to Part II: Performing the CVM. If the
terminal encounters a CVM that is not recognized, it sets the relevant TVR
bits as per EMV and then checks whether it can try a different CVM.
If the PIN Try Counter indicates that no PIN try attempts are left,
Offline PIN has failed so the terminal sets the relevant TVR and
TSI bits as per EMV
If the PIN pad is malfunctioning or if PIN entry is bypassed,
Offline PIN processing has failed so the terminal sets the
relevant TVR and TSI bits as per EMV
The terminal sends a VERIFY command to the chip card with the
Transaction PIN Data, including a parameter that indicates whether
the PIN was enciphered.
If the chip card response indicates that the PIN was verified, the
terminal sets the relevant TSI bits as per EMV and moves to Step
7: Terminal Risk Management
If the chip card response indicates that the PIN validation has
failed and the PIN try limit is not zero, the terminal returns to
the PIN entry prompt to allow the cardholder another
opportunity to enter the PIN. If the value of the remaining PIN
Try Counter returned by the chip card is 1, the terminal may
display a message to indicate that there is only one PIN Try
remaining
If the chip card response indicates that the PIN try limit was
exceeded, Offline PIN has failed so the terminal sets the relevant
TVR and TSI bits per EMV
If the chip card responds in any other way, the terminal
terminates the transaction
6.6.2.2.3 Signature
If signature is chosen as the CVM, and the terminal supports
signature, the process is considered successful and cardholder
verification is complete. The terminal sets itself to print a signature
line on the receipt during post-transaction processing and sets the
relevant TVR/ TSI bits as per EMV. The terminal then moves to Step
7: Terminal Risk Management.
6.6.3 Commands
GET DATA
GET CHALLENGE
This command is used by the terminal to obtain an Unpredictable Number from the
chip card for use in the PIN encipherment process. This command must be
performed as described in Section 6.5 of EMV 4.2 Book3 Application Specification.
VERIFY
This command is used by the terminal during offline PIN verification to compare the
PIN entered by the cardholder to the reference PIN from the chip card. This
command must be performed as described in Section 6.5 of EMV 4.2 Book3
Application Specification.
No Yes
Is transaction amount greater Terminal sets the relevant TVR bits
than the floor limit? as per EMV
No
Has the transaction been Yes Terminal sets the relevant TVR bits
randomly selected? as per EMV
No
Has the chip card exceeded Yes Terminal sets the relevant TVR bits
the allowable number? as per EMV
No
Yes
Terminal sets the relevant TVR bits
Is the chip card new?
as per EMV
No
Yes
Is the PAN on an exception Terminal sets the relevant TVR bits
file? as per EMV
No
Yes
Did the merchant force the Terminal sets the relevant TVR bits
transaction online? as per EMV
No
Transaction moves to
Terminal Action Analysis
A list of other relevant terms that are introduced during Terminal Risk Management
is provided below.
Exception File (if A list of card numbers stored in the terminal that
supported by the have been identified by the issuer to be either sent
terminal) online or declined if a transaction is attempted.
Last Online LOATC ATC value of the last transaction that went online.
Application
Transaction
Counter
The terminal begins by checking the AIP to determine whether Terminal Risk
Management is to be performed. In Terminal Risk Management, the terminal
performs a series of checks, including Terminal Floor Limit, Random Transaction
Selection, Velocity Checking, New Card Check, Exception File Checking, and/or
Transaction Forced Online, few of which are described in the following subsections.
Terminals may also have the capability to hold a transaction log to prevent
split sales. This log contains a transaction history that includes the
Application PAN, the transaction amount, and optionally the Application
PAN Sequence Number and the transaction date. During a transaction, the
terminal compares the chip card being used with the log. If the terminal
identifies a match, it adds the most recent transaction amount in the log
with the current transaction amount and compares this total amount to the
Floor Limit. If the total amount of the transactions is greater than, or equal
to, the Floor Limit, the terminal sets the relevant TVR bits per EMV.
NPCI recommends that terminals that are capable of storing multiple Floor
Limits, store a separate Floor Limit for magnetic stripe and for chip card
transactions, as well as for domestic and international transactions.
Upon completion of these checks, the terminal sets the relevant TSI bit as
per EMV and moves to Step 8: First Terminal Action Analysis.
6.7.2 Commands
GET DATA
This command is used by the terminal to request both the ATC and the LOATC
from the chip card. This command must be performed as described in Section
6.5 of EMV 4.2 Book3 Application Specification.
Up to this point in the transaction, all processing was completed offline. Moving
forward, data is generated that may be sent to the issuer during authorization or
clearing. A security element called a cryptogram is used to secure this data and to
provide validation that the chip card involved is genuine.
This step results in a request for the chip card to decline, send online, or approve the
transaction.
No Yes
Is the Terminal
Yes Terminal checks Issuer and Should the
transaction be
offline only? Payment Brand default rules
declined offline?
No No
No
No
No
Transaction moves
to first card action
analysis
Card Risk CDOL1 A list of the tags and lengths of data elements that
Management must be passed to the ICC in the first GENERATE AC
Data Object List 1 command.
IAC Denial
IAC Online
Part I: TVR Comparison – The terminal determines the type of cryptogram it will
request
Part II: Requesting a Cryptogram – The terminal requests a cryptogram from the
chip card
The usage of the IACs and TACs depends on the capabilities of the terminal.
Online-only terminals may optionally skip the default IAC and TAC check and
instead request an immediate offline decline. In all cases, when the terminal
completes the TVR comparison, it moves to Part II: Requesting a
Cryptogram.
The terminal also includes the data detailed in the CDOL1 in the first
GENERATE AC command. Once the first GENERATE AC command has been
sent, the transaction moves to Step 9: First Card Action Analysis.
6.8.1.3 CDA
If the terminal selected CDA during Offline Data Authentication, it now
determines whether to request a dynamic signature in the first GENERATE
AC command.
6.8.2 Commands
GENERATE APPLICATION CRYPTOGRAM
This command is used by the terminal to request a cryptogram from the chip
card. There are two times during transaction execution when this command may
be issued:
This command must be performed as described in Section 6.5 and Section 9 of EMV
4.2 book3 Application Specification.
DESCRIPTION 00 10 00 00 00 FF FF FF FF FF FF FF FF FF FF
BYTE BIT DENIAL ONLINE DEFAULT
Offline data authentication
1 was not performed 0 1 1
SDA failed 0 1 1
ICC data missing 0 1 1
Card appears on Terminal
exception file 0 1 1
DDA failed 0 1 1
CDA failed 0 1 1
RFU 0 1 1
RFU 0 1 1
ICC and Terminal have
2 different application versions 0 1 1
Expired application 0 1 1
Application not yet effective 0 1 1
Requested service not
allowed for card product 1 1 1
New card 0 1 1
RFU 0 1 1
RFU 0 1 1
RFU 0 1 1
Cardholder Verification was
3 not successful 0 1 1
Unrecognized Card
Verification Method (CVM) 0 1 1
PIN Try Limit exceeded 0 1 1
PIN entry required but PIN
pad not present or not
working 0 1 1
PIN entry required, PIN pad
present but PIN not entered 0 1 1
Online PIN entered 0 1 1
RFU 0 1 1
RFU 0 1 1
Transaction exceeds floor
4 limit 0 1 1
Lower consecutive offline
limit exceeded 0 1 1
Upper consecutive offline
limit exceeded 0 1 1
Was CDA
Yes Chip card generates dynamic
requested? signature
No
Transaction
moves to
online
processing
There are no data elements originating from the terminal during First Card Action
Analysis. However, a list of other relevant terms that are introduced during First
Terminal Action Analysis is provided below. These terms relate to EMV functionality
and chip card processing.
When the chip card receives the first GENERATE AC command, it performs internal
risk management to determine how it will respond to the terminal’s request. The
chip card tracks the results of its risk management processing in the Card
Verification Results (CVR).
Based on its risk management, the chip card can choose to overrule the terminal’s
recommendation in certain scenarios. However, the chip card cannot lessen the
severity of the terminal’s recommendation. For example, the chip card cannot
respond with an online approval if the terminal has recommended declining the
transaction offline.
The acceptable responses by the chip card to the first GENERATE AC command are
detailed below
Decline the transaction offline (AAC) Decline the transaction offline (AAC)
When the chip card determines its response, it sends the appropriate cryptogram
along with the Cryptogram Information Data (CID), Issuer Application Data (IAD), and
the ATC. If CDA was requested and the chip card response is not an offline decline,
the chip card also generates and returns the dynamic signature. The transaction
then moves to Step 10: Online Processing.
More details on the response format options and specific data included can be
found in Section 6.5 of EMV 4.2 Book3 Application Specification.
6.9.3 Commands
There are no commands used in this transaction step.
No
Yes Terminal uses the ICC public
key to validate the dynamic
Was CDA signature
requested in the
first GENERATE AC?
No
The relevant TVR bit is SET as
per EMV
Transaction
moves to 2nd
Terminal Action
Analysis
Did the chip
Yes
card return a
TC?
Transaction
No moves to
Transaction
Terminal generates the authorization Completion
message and sends to the issuer
Yes
Was the Issuer processes authorization
transaction sent and sends response message
Online
successfully?
Was the
No authorization Yes
response message
downgraded?
Transaction
moves to 2nd
Terminal Action No
Analysis
Chip card validates cryptogram Transaction sends EXTERNAL Yes Does the AIP
and sends response AUTHENTICATE command indicate that issuer
authentication is
supported?
Transaction
Issuer Authentication is No moves to 2nd
complete so the terminal sets Terminal Action
the relevant TSI bit as per EMV Analysis
Confidential RuPay
Figure CHIP-Acquiring
16 - Process flowRequirements Guide
for Online Processing Page 72 of 117
6.10.1 Terminal Data Elements and Other Relevant Terms
The data elements that originate in the terminal during Online Processing are listed
below.
Terminal Verification TVR Status of the different functions as seen from the
Results terminal.
Note: See Section 12.1 of EMV 4.2 Book4 Other Interfaces for a list of EMV data elements
that are included in the authorization message and refer the RuPay PoS Switching Interface
specifications for more details.
A list of other relevant terms that are introduced during Online Processing is provided
below. These terms relate to EMV functionality and chip card processing.
Issuer Data sent from the issuer or its proxy to the ICC for
Authentication online Issuer Authentication.
Data
Online Processing starts when the terminal receives the chip card’s response to the
first GENERATE AC command. The terminal examines the response to determine the
type of processing to perform.
If CDA was requested and the chip card returns a dynamic signature in the response,
the terminal uses the ICC Public Key recovered during Offline Data Authentication to
validate the signature. If this fails, the terminal sets the relevant bit in the TVR and
stops Online Processing and moves to Step 11: Second Terminal Action Analysis.
The terminal then examines the type of cryptogram that was returned by the chip
card. If the chip card returned either a TC or an AAC, the terminal moves to Step 13:
Transaction Completion. If the chip card returned an ARQC, the terminal creates an
authorization request message that includes the ARQC and the data used to create
it. This message is then sent to the issuer.
In addition to the inclusion of the data elements that are created as a part of an
EMV transaction, other fields in the authorization request message are populated
with data from the chip card ( e.g., track 2 data, expiry date, Application PAN, etc.).
The track 2 data on the chip may not be an exact match to the track 2 data on the
card itself if the issuer is using a Card Verification Data for Integrated Chip Cards
(iCVD).
When the issuer receives the authorization request, the ARQC is validated and then
an authorization response message is sent to the terminal that includes the Issuer
Authentication Data and any Issuer Scripts. Upon receiving the authorization
response, the terminal determines whether it needs to perform Issuer
Authentication as described in Section 6.10.2.1 of this document.
If the AIP indicates that the chip card supports Issuer Authentication, the
terminal performs it as described below. If Issuer Authentication is not
supported, the terminal moves to Step 11: Second Terminal Action Analysis.
6.10.3 Commands
EXTERNAL AUTHENTICATE
Second Terminal Action Analysis is not part of every transaction. It only occurs in
transactions where the chip card has previously requested that the transaction be
sent online for authorization.
In this transaction step, the terminal makes a second recommendation on how the
transaction should be completed. This recommendation is based on either the
This step results in the terminal requesting the chip card either to decline or to
approve the transaction.
No No
No
Transaction
Terminal includes CDA moves to second
request if required card action
analysis
ARC
Issuer Authentication Data
TVR
Unpredictable Number
Terminal Action Codes TAC Default Specifies the conditions that cause a
– Default transaction to be rejected if it might
have been approved online, but the
terminal is unable to process the
transaction online.
A list of other relevant terms that are introduced during Second Terminal Action
Analysis is provided below. These terms relate to EMV functionality and chip card
processing.
Card Risk CDOL2 A list of the tags and lengths of data elements that
Management Data must be passed to the ICC in the second GENERATE
Object List 2 AC command.
The terminal can enter Second Terminal Action Analysis from several points
depending on the processing that occurred in Step 10: Online Processing. The
scenarios and the terminal processing that occurs are detailed in the following table.
Terminal was unable to go online The terminal compares the TVR to the IAC and TAC
default values; the terminal then creates a second
GENERATE AC command.
Authorization response message The terminal examines the ARC received in the
received authorization response message, and creates a
second GENERATE AC command that requests
either an AAC or a TC.
6.11.3 Commands
GENERATE APPLICATION CRYPTOGRAM
This command is used by the terminal to request a cryptogram from the chip
card. There are two times during transaction execution when this command may
be issued:
Second Card Action Analysis results in the chip card responding to the terminal with
a cryptogram that reflects the chip card’s final decision on whether the transaction
should be approved or declined.
Was CDA
Yes Terminal attempts to Did the terminal Yes Relevant TVR and TSI bits are
validate the dynamic fail to validate the
requested? set as per EMV
signature signature?
No No
When the chip card receives the second GENERATE AC command, it performs a final
round of risk management to determine how to respond to the terminal’s request.
If the terminal has requested that the transaction be declined, the chip card can
only respond with a decline
If the terminal requested that the transaction be approved, the chip card can
respond with either an approval or a decline response based on upon the results
of its internal risk management
6.12.3 Commands
There are no terminal commands used in this transaction step.
No
Figure 19 - Process flow for Transaction Completion (Part 1 of 2: Completion after first
GENERATE AC Response)
Was CDA
Yes Terminal attempts to Did the terminal Yes Relevant TVR and TSI
validate the dynamic fail to validate the
requested? bits are set as per EMV
signature signature?
No No
Figure 20 - Process flow for Transaction Completion (Part 2 of 2: Completion after Second GENERATE AC Response)
6.13.3 Commands
There are no terminal commands used in this transaction step.
No
No
Issuer script processing
fails so the terminal sets
the relevant TSI bits as
per EMV
No
No
If issuer scripts are included in the authorization response, the terminal starts by
examining the type of script returned and then sends the script to the chip card.
Terminal can send the Issuer scripts to the chip card at two points during an EMV
transaction:
The terminal formats the data received into the command format and sends the
script command to the chip card for processing. If there are multiple script
commands within a script sent in the authorization response, the terminal processes
the script commands in the order in which the issuer placed them in the
authorization message.
6.14.3 Commands
Below table provides the list of script commands supported by RuPay
Step 12: Second Card Action Analysis N/A – Chip card functionality
Step 14: Issuer to Card Script Processing Conditional (if online capable)
The Terminal shall be approved and listed on the Level 1 and Level 2 approved
lists available on the EMVCo website at www.emvco.com
The Terminal along with the acquirer Host Interface shall be compliant with
NPCI requirements and must have successfully passed NPCI end-to-end
certification testing
Terminals shall be certified to the PCI PED security requirements
Terminals shall be certified for PA/ PCI DSS standards as well
b8 b7 b6 b5 b4 b3 b2 b1 Meaning
1 x X x x x x x Manual key entry
x 1 X x x x x x Magnetic stripe
x x 1 x x x x x IC with contacts
x x X 0 x x x x RFU
x x X x 0 x x x RFU
x x X x x 0 x x RFU
x x X x x x 0 x RFU
x x X x x x x 0 RFU
Table 37 Terminal Capabilities - Byte 2: CVM Capability
b8 b7 b6 b5 b4 b3 b2 b1 Meaning
Plaintext PIN for ICC
1 x X x x x x x
verification
Enciphered PIN for
x 1 X x x x x x
online verification
x x 1 x x x x x Signature (Paper)
Enciphered PIN for
x x X 1 x x x x
offline Verification
x x X x 0 x x x No CVM Required
x x X x x 0 x x RFU
x x X x x x 0 x RFU
x x X x x x x 0 RFU
b8 b7 b6 b5 b4 b3 b2 b1 Meaning
1 x X x x x x x SDA
x 1 X x x x x x DDA
x x 0 x x x x x Card Capture
x x X 0 x x x x RFU
x x X x 1 x x x CDA
x x X x x 0 x x RFU
x x X x x x 0 x RFU
x x X x x x x 0 RFU
b8 b7 b6 b5 b4 b3 b2 b1 Meaning
1 x x X x x x x Cash
x 1 x X x x x x Goods
x x 1 X x x x x Services
x x x 1 x x x x Cash back
1
x x x X 0 x x x Inquiry
2
x x x X x 0 x x Transfer
3
x x x X x x 0 x Payment
x x x X x x x 0 Administrative
Note:
1
For the purpose of this specification, an inquiry is a request for information about one of
the cardholder’s accounts
2
For the purpose of this specification, a transfer is a movement of funds by a cardholder
from one of its accounts to another of the cardholder’s accounts, both of which are held by
the same financial institution
3
For the purpose of this specification, a payment is a movement of funds from a cardholder
account to another party, for example, a utility bill payment
b8 b7 b6 b5 b4 b3 b2 b1 Meaning
4
0 x x X x x x x Cash Deposit
x 0 x X x x x x RFU
x x 0 X x x x x RFU
x x x 0 x x x x RFU
x x x X 0 x x x RFU
x x x X x 0 x x RFU
x x x X x x 0 x RFU
x x x X x x x 0 RFU
Note:
4
A cash deposit is considered to be a transaction at an attended or unattended terminal
where cardholder deposits cash into a bank account related to an application on the card
used
b8 b7 b6 b5 b4 b3 b2 b1 Meaning
1 x x X x x x x Numeric keys
Alphabetic and special
x 1 x X x x x x
characters keys
x x 1 X x x x x Command keys
x x x 1 x x x x Function keys
x x x X 0 x x x RFU
x x x X x 0 x x RFU
x x x X x x 0 x RFU
x x x X x x x 0 RFU
Table 42 Additional Terminal Capabilities - Byte 4: Terminal Data Output Capability
b8 b7 b6 b5 b4 b3 b2 b1 Meaning5
1 x x X x x x x Print, attendant
x 0 x X x x x x Print, cardholder
x x 1 X x x x x Display, attendant
x x x 0 x x x x Display, cardholder
x x x X 0 x x x RFU
x x x X x 0 x x RFU
x x x X x x 0 x Code table 10
x x x X x x x 0 Code table 9
Note:
The code table number refers to the corresponding part of ISO/IEC 8859
5
If the terminal is attended (Terminal Type = ‘x1’, ‘x2’, or ‘x3’) and there is only one printer,
the ‘Print, attendant’ bit shall be set to ‘1’ and the ‘Print, cardholder’ bit shall be set to ‘0’. If
the terminal is attended and there is only one display, the ‘Display, attendant’ bit shall be set
b8 b7 b6 b5 b4 b3 b2 b1 Meaning
0 x x X x x x x Code table 8
x 0 x X x x x x Code table 7
x x 0 X x x x x Code table 6
x x x 0 x x x x Code table 5
x x x X 0 x x x Code table 4
x x x X x 0 x x Code table 3
x x x X x x 0 x Code table 2
x x x X x x x 1 Code table 1
Note:
The code table number refers to the corresponding part of ISO/IEC 8859
POS Terminals that already have Chip Card capabilities may need the following
changes to be implemented to accept Chip Cards:
Select an approved Chip Card reader from the list included on www.emvco.com
Install the Chip Card reader into the unattended POS Terminal and modify its
payment processing software as follows:
o Modify the Terminal payment application to handle Chip Card
Transactions
o Modify the Terminal Acquirer interface to handle RuPay Chip Data
Elements for authorization and batch data capture.
Load Terminal parameters
GET DATA
READ RECORD
SELECT
The Chip Card transaction may not be completed for reasons like –
o The Chip Card and the Terminal fail to reach completion of the transaction
due to technical problem. Here completion of transaction means the final
decision (approval or decline) taken by the Chip and communicated
successfully to the terminal. Transaction completion does not include script
processing i.e. if due to any reasons, the terminal is not able to process the
scripts sent by the Issuer after the Chip has communicated its decision to
the terminal, the terminal will not raise a fall back.
If the transaction cannot be completed as a Chip Card Transaction, a fall back to
magnetic stripe transaction shall be allowed
Refund processing in case of RuPay Chip Card will be carried out in a manner similar
to that in RuPay Magstripe Card; however, the refund request message will contain
the chip data of the card.
Condition Message
Magnetic stripe transaction attempted by a card INSERT CARD or USE CHIP READER
with a service code that indicates it is chip capable
Fall back transaction PLEASE SWIPE CARD or USE
MAGSTRIPE
The card has restrictions preventing the current NOT ACCEPTED
transaction from being processed
The PIN Try Counter indicates that the Cardholder LAST PIN TRY
has only one PIN attempt remaining
The PIN that the Cardholder entered was incorrect INCORRECT PIN
After an incorrect PIN has been entered, the RE-ENTER PIN
Cardholder is asked to enter the PIN again
Transaction is concluded and Chip Card removal is REMOVE CARD
allowed
If a Chip Card is removed prior to the card’s completion of its final cryptogram
generation (at either the end of the first or second card action analysis), the
Transaction must be terminated. If the Chip Card is removed after its final
cryptogram generation, but before Issuer script processing, the Transaction is
considered complete.
Data Condition
AID Mandatory
Approval Code Mandatory
Date of Charge Mandatory
Establishment Name and / or Number
Mandatory
(Merchant Details)
Total Amount (Including currency if other
Mandatory
than the local currency)
Truncated Account Number (PAN) Mandatory
Transaction Certificate (TC) Optional
Conditional – Required if signature is used as the
mechanism for cardholder verification, in other
Cardholder Signature
cases, the decision to print this data is at
Acquirer’s discretion
Application Preferred Name or Application
Optional
Label
Expiration Date Optional
Indicator showing that chip was used for
Optional
the transaction
TVR Optional
TSI Optional
PIN Verification Status to be printed for
successfully verified PIN; recommend value
as below Conditional if PIN is used as the mechanism for
cardholder verification
- PIN Verified OK
Below detailed are some conditional samples that might be a useful reference for the Acquirer /
terminal vendor –
ABC Bank
XYZ Merchant
Mumbai
Sign ____________________________
Disclaimer for Customer
Merchant / Customer Copy
ABC Bank
XYZ Merchant
Mumbai
PIN Verified OK
ABC Bank
XYZ Merchant
Mumbai
Sign ____________________________
For a Chip Card Transaction, a reversal is performed in the same way as for a
magnetic stripe transaction.
When the Chip Card performs its final analysis after an online approved
authorization is received, in certain scenarios it can still decline the Transaction.
When the Chip Card declines the Transaction at this point, the Terminal should
generate a reversal message
Note: The Acquirer shall get in touch with NPCI for latest test tools and test cases.
Application Selection
AID / Application
Version Number
A0000005241010 /
0064
A0000001523010 /
All supported Application 0001
Identifier (AID) and supporting A0000000651010 /
Application version numbers 0200 NPCI
1. Cardholder
Selection
2. Cardholder
Confirmation
3. Application
Final Selection Method Priority NPCI
It is recommended that
terminals should have
6 slots for CA PKs per
AID and their
associated Data
CA Public Keys 6 keys Elements NPCI
Processing Restrictions
Selection - NA -
Other Requirements
As configured for
Terminal Country Code 0356 domestic magstripe Acquirer
As configured for
Terminal Currency Code 0356 domestic magstripe Acquirer
CONDITIONS / SOURCE OF
PARAMETER POSSIBLE VALUES PRE-REQUISITES CONFIGURATION
Compliance
1. Support up to 19
digits
2. Sending the PAN
intact in
Authorization and
PAN Length Clearing Messages Terminal Vendor
Displayable Messages on Terminal
Magnetic stripe transaction
attempted by a card with a
service code that indicates it is chip INSERT CARD or USE Acquirer /
capable CHIP READER Scheme Provider
PLEASE SWIPE CARD Acquirer /
Fallback transaction or USE MAGSTRIPE Scheme Provider
The card has restrictions preventing
the current Acquirer /
transaction from being processed NOT ACCEPTED Scheme Provider
The PIN Try Counter indicates that For OFFLINE PIN
the Cardholder has verifications Acquirer /
only one PIN attempt remaining LAST PIN TRY only Scheme Provider
The PIN that the Cardholder entered Acquirer /
was incorrect INCORRECT PIN Scheme Provider
After an incorrect PIN has been
entered, the
Cardholder is asked to enter the PIN Acquirer /
again RE-ENTER PIN Scheme Provider
Acquirer /
The (offline) PIN entered was correct PIN OK Scheme Provider
Transaction is concluded and Chip
Card removal is Acquirer /
allowed REMOVE CARD Scheme Provider
Other Support Requirements
Acquirer /
Purchase with Debit and Credit Cards - NA - Mandatory Terminal Vendor
Cancellation at any time while Acquirer /
processing a transaction - NA - Mandatory Terminal Vendor
Support T=0 and T=1 protocols (for Acquirer /
Contact based EMV CHIP Cards) - NA - Mandatory Terminal Vendor
RID: A0 00 00 01 52
Note
Hash Value or the check value is calculated on the concatenation of all parts of the CA Public Key
(RID, CA Public Key Index, CA Public Key Modulus, CA Public Key Exponent) using SHA-1
CA PK Index 5B
D3F45D065D4D900F68B2129AFA38F549AB9AE4619E5545814E468F382049A0B97
76620DA60D62537F0705A2C926DBEAD4CA7CB43F0F0DD809584E9F7EFBDA3778
747BC9E25C5606526FAB5E491646D4DD28278691C25956C8FED5E452F2442E25E
DC6B0C1AA4B2E9EC4AD9B25A1B836295B823EDDC5EB6E1E0A3F41B28DB8C3B7
Modulus E3E9B5979CD7E079EF024095A1D19DD
Exponent 03
Hash Algorithm
Indicator 01 (SHA-1)
Public Key
Algorithm
Indicator 01 (RSA)
Hash Value 4DC5C6CAB6AE96974D9DC8B2435E21F526BC7A60
CA PK Index 5C
833F275FCF5CA4CB6F1BF880E54DCFEB721A316692CAFEB28B698CAECAFA2B2D2
AD8517B1EFB59DDEFC39F9C3B33DDEE40E7A63C03E90A4DD261BC0F28B42EA6E
7A1F307178E2D63FA1649155C3A5F926B4C7D7C258BCA98EF90C7F4117C205E8E
32C45D10E3D494059D2F2933891B979CE4A831B301B0550CDAE9B67064B31D8B
481B85A5B046BE8FFA7BDB58DC0D7032525297F26FF619AF7F15BCEC0C92BCDC
Modulus BC4FB207D115AA65CD04C1CF982191
Exponent 03
CA PK Index 5D
AD938EA9888E5155F8CD272749172B3A8C504C17460EFA0BED7CBC5FD32C4A80
FD810312281B5A35562800CDC325358A9639C501A537B7AE43DF263E6D232B81
1ACDB6DDE979D55D6C911173483993A423A0A5B1E1A70237885A241B8EEBB557
1E2D32B41F9CC5514DF83F0D69270E109AF1422F985A52CCE04F3DF269B795155
A68AD2D6B660DDCD759F0A5DA7B64104D22C2771ECE7A5FFD40C774E441379D
1132FAF04CDF55B9504C6DCE9F61776D81C7C45F19B9EFB3749AC7D486A5AD2E
781FA9D082FB2677665B99FA5F1553135A1FD2A2A9FBF625CA84A7D7365214311
Modulus 78F13100A2516F9A43CE095B032B886C7A6AB126E203BE7
Exponent 03
Hash Algorithm
Indicator 01 (SHA-1)
Public Key
Algorithm
Indicator 01 (RSA)
Hash Value B51EC5F7DE9BB6D8BCE8FB5F69BA57A04221F39B
RID: A0 00 00 00 65
Note
Hash Value or the check value is calculated on the concatenation of all parts of the CA Public Key
(RID, CA Public Key Index, CA Public Key Modulus, CA Public Key Exponent) using SHA-1
CA PK Index 08
B74670DAD1DC8983652000E5A7F2F8B35DFD083EE593E5BA895C95729F2BADE9
C8ABF3DD9CE240C451C6CEFFC768D83CBAC76ABB8FEA58F013C647007CFF7617
BAC2AE3981816F25CC7E5238EF34C4F02D0B01C24F80C2C65E7E7743A4FA8E232
Modulus 06A23ECE290C26EA56DB085C5C5EAE26292451FC8292F9957BE8FF20FAD53E5
Exponent 03
Hash Algorithm
Indicator 01 (SHA-1)
Public Key
Algorithm
Indicator 01 (RSA)
Hash Value DD36D5896228C8C4900742F107E2F91FE50BC7EE
CA PK Index 0F
9EFBADDE4071D4EF98C969EB32AF854864602E515D6501FDE576B310964A4F7C2
CE842ABEFAFC5DC9E26A619BCF2614FE07375B9249BEFA09CFEE70232E75FFD64
7571280C76FFCA87511AD255B98A6B577591AF01D003BD6BF7E1FCE4DFD20D0D
0297ED5ECA25DE261F37EFE9E175FB5F12D2503D8CFB060A63138511FE0E125CF
Modulus 3A643AFD7D66DCF9682BD246DDEA1
Exponent 03
Hash Algorithm
Indicator 01 (SHA-1)
Public Key
Algorithm
Indicator 01 (RSA)
Hash Value 2A1B82DE00F5F0C401760ADF528228D3EDE0F403
CA PK Index 11
A2583AA40746E3A63C22478F576D1EFC5FB046135A6FC739E82B55035F71B09BE
B566EDB9968DD649B94B6DEDC033899884E908C27BE1CD291E5436F762553297
763DAA3B890D778C0F01E3344CECDFB3BA70D7E055B8C760D0179A403D6B55F2
B3B083912B183ADB7927441BED3395A199EEFE0DEBD1F5FC3264033DA856F4A8
Modulus B93916885BD42F9C1F456AAB8CFA83AC574833EB5E87BB9D4C006A4B5346BD9E
Exponent 03
Hash Algorithm
Indicator 01 (SHA-1)
Public Key
Algorithm
Indicator 01 (RSA)
Hash Value D9FD62C9DD4E6DE7741E9A17FB1FF2C5DB948BCB
CA PK Index 13
A3270868367E6E29349FC2743EE545AC53BD3029782488997650108524FD051E3
B6EACA6A9A6C1441D28889A5F46413C8F62F3645AAEB30A1521EEF41FD4F3445B
FA1AB29F9AC1A74D9A16B93293296CB09162B149BAC22F88AD8F322D684D6B49
A12413FC1B6AC70EDEDB18EC1585519A89B50B3D03E14063C2CA58B7C2BA7FB2
2799A33BCDE6AFCBEB4A7D64911D08D18C47F9BD14A9FAD8805A15DE5A38945
A97919B7AB88EFA11A88C0CD92C6EE7DC352AB0746ABF13585913C8A4E04464B
77909C6BD94341A8976C4769EA6C0D30A60F4EE8FA19E767B170DF4FA80312DB
Modulus A61DB645D5D1560873E2674E1F620083F30180BD96CA589
Exponent 03
Hash Algorithm
Indicator 01 (SHA-1)
Public Key
Algorithm
Indicator 01 (RSA)
Hash Value 54CFAE617150DFA09D3F901C9123524523EBEDF3
RID: A0 00 00 0524
Note
Hash Value or the check value is calculated on the concatenation of all parts of the CA Public Key
(RID, CA Public Key Index, CA Public Key Modulus, CA Public Key Exponent) using SHA-1
CA PK Index 6B
C9DFDB625ADA4B5E86049F85A0237627B59524F52BD499B4C5482C1EE012D61A
1446E9383CC0B7EE2922D323A5ECDA12941EA8177CFA512DA6B5B7663A89B793
B10D314CBB776EB96D0B1734EDE7E1591713915E9991B7B4E8A017A6901279AE
BDD6136C9FE7E0C6CBF94C77FA606B629D00B1F890473905EB4DAD1AD93B29C2
Modulus C1829A82F880B08986B9387611EE409D
Exponent 03
Hash Algorithm
Indicator 01 (SHA-1)
Public Key
Algorithm
Indicator 01 (RSA)
Hash Value 9602428A46271C63CCC6DD99477CDB70435D6D5B
CA PK Index 6C
C76259FF785ABD5FF613223C01F5BDA0F36F9342CF336B66C32D4B2CD5096E094
D8E04DFA11A9B2E3BC78DA63B5C10148D8ED79EBA685D5D0EFE1C58B3F929D8
61B40FF3AAA3B527148D0C24921EE42DA048E01E38F6A3A49DFA67DD1CD5DD2
091412DD36D3269FAF7D2E0FFB1A3E028969CB6BA5A9303A6FF65540F421B069
A31B553398EE525EFA5C2CE26BCB81C5345018D5E3E9B7130F72F598C0EAA4682
Modulus D4DA2F2204518780A8108F82DDC9CF1F
Exponent 03
CA PK Index 6D
B747E8CB3615E8D26231355488F3C76C4746F7BB1C381E6C6E6ABF0A6D7CD93CF
C6B2C310288CA8BE7EE1730DE621A59D1BB2D8C02C9148FA06E5D1F5E672EEFC
E8AECBAD4A1C18F3175F1BEA1AEF539376592366B46A5044E32E59B3F35F50E85
F843BA01851E5386B7EBE27367D3D483C5472D3020AF42116DDDA32341557EBA
BB043EBC6006B99A652009045BFA50C527028586E05942E1D594223B49FE85669
31C31FBE8C903ABD4F283E1FAB03D758247EC4B728A85A9897601B753293263A
DBD10BE988D0C52FE0091C2721DC02C5130FC7663E95739A70EE2F84DFD2E50C
Modulus 88A1A26587EF7CC047FCA2D03C2CF0CE4B524B4EC3F07
Exponent 03
Hash Algorithm
Indicator 01 (SHA-1)
Public Key
Algorithm
Indicator 01 (RSA)
Hash Value 411008F9921B89C62E2160F6D0358614115ECD4A