Lab 09 - EMV Basics

We have presented in class the basic communication mechanisms in EMV, the protocol used in banking transactions. We have seen the low-level communication layer as well as the higher layers of communication, including the format of commands (C-APDUs) and responses (R-APDUs). Furthermore, we have also seen an example transaction.

Throughout this lab you'll have to analyze the transcript of a transaction, specifying what commands are being sent and what data is received from the card.

For this, you should get the EMV specification for contact/acceptance devices (books 1-3) from http://emvco.com.

1. Answer-to-Reset (2p)

You are given the following ATR (each character represents a hexadecimal digit):

3B6500002063CB6600

Decode it to identify the ATR parameters, and list the parameters that are present.

See book 0 (contact specs), chapter “Answer to Reset”, section 8.2 (Characters Returned by ICC at Answer to Reset)
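As an added example (not part of the lab's own materials), a Python function that walks the ATR structure described in that chapter: TS, T0, the optional TA/TB/TC/TD interface bytes selected by each Y nibble, the K historical bytes and TCK. It assumes the ATR string is complete; the output keys are names chosen here.

```python
# Added example (not from the lab materials): walk an ATR byte by byte following
# ISO 7816-3 / EMV Book 1 ("Answer to Reset"). Assumes a complete ATR string.

def parse_atr(atr_hex: str) -> dict:
    """Return the convention, T0, interface bytes present, protocols, historical bytes, TCK."""
    atr = bytes.fromhex(atr_hex)
    if atr[0] not in (0x3B, 0x3F):
        raise ValueError("TS must be 3B (direct) or 3F (inverse convention)")
    out = {"convention": "direct" if atr[0] == 0x3B else "inverse",
           "T0": atr[1], "interface": {}, "protocols": []}
    k = atr[1] & 0x0F                 # K: number of historical bytes
    y = atr[1] >> 4                   # Y1: bitmap of which of TA1..TD1 follow
    pos, i = 2, 1
    while True:
        for bit, name in ((1, "TA"), (2, "TB"), (4, "TC"), (8, "TD")):
            if y & bit:               # interface byte present in this group
                out["interface"][f"{name}{i}"] = atr[pos]
                pos += 1
        td = out["interface"].get(f"TD{i}")
        if td is None:                # no TDi means no further interface bytes
            break
        out["protocols"].append(td & 0x0F)   # low nibble: protocol type T
        y, i = td >> 4, i + 1                # high nibble: bitmap for the next group
    out["T"] = sorted(set(out["protocols"])) or [0]   # T=0 is the default
    out["historical"] = atr[pos:pos + k]
    pos += k
    # TCK (check character) exists only when something other than T=0 is offered
    out["TCK"] = atr[pos] if out["T"] != [0] else None
    if out["TCK"] is not None:
        xor = 0
        for b in atr[1:pos + 1]:      # T0 .. TCK inclusive must XOR to zero
            xor ^= b
        out["TCK_ok"] = xor == 0
    return out

if __name__ == "__main__":
    print(parse_atr("3B6500002063CB6600"))   # the ATR from exercise 1
```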

2. Card verification method (2p)

A card returns the following TLV as a response to a READ RECORD command (ignore the line breaks, this should be a single hexstring):

70538D06910A8A0295058E0C0000000000000000410000008C219F02069F03069F1A02950
55F2A029A039C019F37049F35019F45029F4C089F34039F561380000FFFFF000000000000
00000000000000009F5501809000

Find which cardholder verification methods are allowed.

Use this tool to decode the TLV (join the lines above into a single string, without spaces).

See the EMV book 3 for “Cardholder Verification Method (CVM) List” in Section 10.5 and Appendix C3.
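An added example, not code from the lab archive: a minimal BER-TLV parser (EMV Book 3, Annex B) and a decoder for the CVM List format (amounts X and Y followed by 2-byte CVM Rules). The method and condition names are the subset of Annex C3 needed here, and the same parser works for the other TLV responses in this lab.

```python
# Added example (not from the lab archive): minimal BER-TLV parser (EMV Book 3,
# Annex B) and a decoder for the CVM List, tag 8E (Book 3, section 10.5 / Annex C3).

CVM_METHODS = {0x00: "Fail CVM processing", 0x01: "Plaintext PIN by ICC",
               0x02: "Enciphered PIN online", 0x03: "Plaintext PIN by ICC + signature",
               0x04: "Enciphered PIN by ICC", 0x05: "Enciphered PIN by ICC + signature",
               0x1E: "Signature (paper)", 0x1F: "No CVM required"}
CVM_CONDITIONS = {0x00: "Always", 0x01: "If unattended cash", 0x03: "If terminal supports CVM",
                  0x04: "If manual cash", 0x05: "If purchase with cashback"}

def parse_tlv(data: bytes) -> dict:
    """Flatten a BER-TLV encoding into {tag_hex: value}; constructed tags are recursed."""
    out, pos = {}, 0
    while pos < len(data):
        if data[pos] in (0x00, 0xFF):              # padding bytes between objects
            pos += 1
            continue
        start = pos
        pos += 1
        if data[start] & 0x1F == 0x1F:             # multi-byte tag (e.g. 9F02)
            while data[pos] & 0x80:
                pos += 1
            pos += 1
        tag, length = data[start:pos].hex().upper(), data[pos]
        pos += 1
        if length & 0x80:                          # long-form length
            n = length & 0x7F
            length, pos = int.from_bytes(data[pos:pos + n], "big"), pos + n
        value = data[pos:pos + length]
        pos += length
        out[tag] = value
        if data[start] & 0x20:                     # constructed: merge its children
            out.update(parse_tlv(value))
    return out

def decode_cvm_list(cvm: bytes) -> dict:
    """8E = amount X (4 bytes), amount Y (4 bytes), then 2-byte CVM Rules (code, condition)."""
    rules = [{"method": CVM_METHODS.get(code & 0x3F, f"RFU 0x{code & 0x3F:02X}"),
              "apply_next_on_fail": bool(code & 0x40),   # bit 7 of the CVM code
              "condition": CVM_CONDITIONS.get(cond, f"condition 0x{cond:02X}")}
             for code, cond in zip(cvm[8::2], cvm[9::2])]
    return {"X": int.from_bytes(cvm[:4], "big"), "Y": int.from_bytes(cvm[4:8], "big"),
            "rules": rules}

# READ RECORD response from exercise 2 of the lab text; the trailing 9000 is the status word.
READ_RECORD_RESPONSE = bytes.fromhex(
    "70538D06910A8A0295058E0C0000000000000000410000008C219F02069F03069F1A02950"
    "55F2A029A039C019F37049F35019F45029F4C089F34039F561380000FFFFF000000000000"
    "00000000000000009F5501809000")

def cvm_rules(response: bytes) -> dict:
    data, sw = response[:-2], response[-2:].hex().upper()
    assert sw == "9000", f"unexpected status word {sw}"
    return decode_cvm_list(parse_tlv(data)["8E"])
```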

3. Card verification method (2p)

A short part of the communication between terminal (T) and card (C) is as follows:

T->C: 80CA9F1700
C->T: 6C04
T->C: 80CA9F1704
C->T: CA9F1701069000
  1. What is the command being sent by the terminal?
  2. What is it asking for?
  3. What is the value obtained in the end for that item?

See EMV book 3:

  • section 6.3.5 for status bytes
  • section 6.3 and 6.5 for commands

4. Card-holder verification (2p)

A short part of the communication between terminal (T) and card (C) is as follows:

T->C: 0020008008241111FFFFFFFFFF
C->T: 9000
  1. What is the command being sent by the terminal?
  2. What is the data being sent by the terminal?
  3. What is the response of the card? What does it mean?

See EMV book 3:

  • section 6.3.5 for status bytes
  • section 6.3 and 6.5 for commands

5. Transaction authentication (2p)

A short part of the communication between terminal (T) and card (C) is as follows:

T->C: 80AE80002B00000000000000000000000000008000000000000000000000000000003400000000000000000000410002
C->T: 612B
T->C: 00C000002B
C->T: C077299F2701809F360201349F2608817C3AAB208BE0659F10120310A00006250400000000000000000000FF9000
  1. What is the command being sent by the terminal?
  2. What is the data being sent by the terminal?
  3. What is the response of the card? What does it mean?

See EMV book 3:

  • section 6.3.5 for status bytes
  • section 6.3 and 6.5 for commands
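Added example, not part of sclink.py or the lab archive: the terminal-side handling of the two status words seen in exercises 3 and 5 (SW1=6C, wrong Le, so the command is re-issued with Le=SW2; SW1=61, response data pending, fetched with GET RESPONSE). The card is a stub scripted from the transcripts above, which are at T=0 TPDU level (a data-bearing reply starts with the procedure byte echoing INS); `ScriptedCard` and `exchange` are names chosen here.

```python
# Added example (not from sclink.py or the lab archive): terminal-side handling of
# the status words seen in exercises 3 and 5 (EMV Book 3, sections 6.3.5 and 9.2.2.3):
# SW1=6C -> re-issue with Le=SW2; SW1=61 -> GET RESPONSE (00 C0 00 00 Le) with Le=SW2.

class ScriptedCard:
    """Stand-in for a real card: answers only the C-APDUs listed in its transcript."""
    def __init__(self, transcript: dict):
        self.transcript = {k.upper(): v.upper() for k, v in transcript.items()}
        self.log = []                                  # every C-APDU actually sent
    def transmit(self, capdu_hex: str) -> bytes:
        self.log.append(capdu_hex.upper())
        rapdu = bytes.fromhex(self.transcript[capdu_hex.upper()])
        # The lab transcript is at T=0 TPDU level: a reply carrying data starts with the
        # procedure byte that echoes INS (CA, C0). Drop it to get the R-APDU proper.
        ins = bytes.fromhex(capdu_hex)[1]
        return rapdu[1:] if len(rapdu) > 2 and rapdu[0] == ins else rapdu

def exchange(card, capdu_hex: str, max_rounds: int = 4):
    """Send a C-APDU; return (data, sw_hex) once a final status word arrives."""
    capdu, data = bytes.fromhex(capdu_hex), b""
    for _ in range(max_rounds):
        rapdu = card.transmit(capdu.hex())
        body, sw1, sw2 = rapdu[:-2], rapdu[-2], rapdu[-1]
        data += body
        if sw1 == 0x6C:       # wrong length: same CLA INS P1 P2, Le set to SW2
            capdu = capdu[:4] + bytes([sw2])
        elif sw1 == 0x61:     # SW2 bytes of response data waiting: GET RESPONSE
            capdu = bytes.fromhex("00C00000") + bytes([sw2])
        else:
            return data, f"{sw1:02X}{sw2:02X}"
    raise RuntimeError("too many 6C/61 rounds; card is not converging")

# Transcripts copied from the lab text (exercises 3 and 5).
GET_DATA_9F17 = "80CA9F1700"                   # GET DATA for tag 9F17, Le=00
# GENERATE AC data: 14 zero bytes, TVR 80..., 14 zero bytes, 9F35=34, 10 zero bytes, 9F34=410002
GENERATE_AC = "80AE80002B" + "00" * 14 + "80" + "00" * 14 + "34" + "00" * 10 + "410002"
PTC_CARD = ScriptedCard({GET_DATA_9F17: "6C04", "80CA9F1704": "CA9F1701069000"})
AC_CARD = ScriptedCard({GENERATE_AC: "612B",
                        "00C000002B": "C077299F2701809F360201349F2608817C3AAB208BE0659F1012"
                                      "0310A00006250400000000000000000000FF9000"})

if __name__ == "__main__":
    print(exchange(PTC_CARD, GET_DATA_9F17))   # (b'\x9f\x17\x01\x06', '9000')
    print(PTC_CARD.log)                        # ['80CA9F1700', '80CA9F1704']
    print(exchange(AC_CARD, GENERATE_AC)[1])   # 9000
```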

Bonus 1: Get data from your card (or other card) (2 points)

First install some tools to work with a smartcard reader.

Do the following on Linux (this is for Ubuntu/Debian – you might need root access):

  • Install these packages:
sudo apt install libpcsclite-dev swig libpcsc-perl pcsc-tools python3-dev libudev-dev python3-pyscard python3-pyserial

Note: on some distributions the python3-pyserial package is python3-serial.

If this doesn't work, get Pyserial from here.

  • Install pcsc related libs:
sudo apt install libusb-dev libccid pcscd libpcsclite1
  • You might also want to install these additional card tools from here:
sudo apt install libpcsc-perl pcsc-tools

On Arch Linux, get the following packages (reference the Arch wiki if you need to):

yay -S swig flex libusb ccid pcsclite pcsc-perl pcsc-tools python-pyscard python-pyserial

You may need to start the pcscd daemon:

systemctl start pcscd.service

See details here.

For Windows drivers you can check here. However, we recommend using Linux, as the instructions below apply to the Linux installation.

For macOS, things should work after installing pcsc-tools through MacPorts or Homebrew:

sudo port install pcsc-tools swig py-pyscard py-serial

Get basic information about your card

Try this with your card in the smartcard reader:

pcsc_scan

This should show you the ATR and some applications on the card.

What is the ATR from your card?

Use a terminal emulator to interact with your card

Start from the files for accessing the card data in this archive.

Create a file named terminal.txt that will be populated as mentioned below (it may already be included in the zip file). This file must end with a line containing the string 0000000000.

After updating this file (see below), we can run the terminal in this manner:

python3 sclink.py --scterminal terminal.txt gg

Select financial app

We now select the main financial application on the card: first the general 1PAY.SYS.DDF01 directory available on some EMV cards, then the application itself by its Application ID. See EMV Book 1, sections 11.3 and 12 for details.

Newer EMV cards may not support the 1PAY.SYS.DDF01 selection method described below, in which case you may need to use the Application ID list method or some other variant, as explained in EMV Book 1, chapter 12.

In summary, the main steps are these:

  1. Send the first SELECT command with 1PAY.SYS.DDF01: 00A404000E315041592E5359532E4444463031
  2. Decode the response using emvlab. Use the SFI from the response (e.g. 01) to build the READ RECORD parameters: P1 is the record number and P2 is the Reference Control parameter, (SFI << 3) | 0x04, where the low 3 bits 100b mean that P1 holds a record number. E.g. if SFI=01 and REC_NUM=1, P1 is 0x01 and P2 is 0x0C, leading to the READ RECORD command 00B2010C00.
  3. Check the available apps by sending READ RECORD commands of the form 00B2010C00, 00B2020C00, etc. Decode the responses with emvlab.
  4. Eventually select one of them using SELECT:
  • Select a particular app: 00A4040007XXXXXXXXXXXXXX (replace the X values with the Application ID from the response to the 00B2XXX command above), e.g. 00A4040007A0000000041010 if the Application ID has 7 bytes (14 hex characters). This must be updated for your card.
  • Start the transaction with GET PROCESSING OPTIONS: 80A80000028300

Now your terminal.txt file should look something like this (again, replace the Application ID with the correct one and use the READ RECORD commands that worked in your trials):

terminal.txt
00A404000E315041592E5359532E4444463031
00B2010C00
00A4040007A0000000041010
80A80000028300
0000000000
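Added example (not sclink.py or the archive's own code): building the SELECT, READ RECORD and GET PROCESSING OPTIONS APDUs above from their parameters and emitting them in the terminal.txt format. It follows the lab's convention of omitting Le on SELECT and GPO; `terminal_script` and its default SFI and record count are assumptions.

```python
# Added example (not from sclink.py or the lab archive): generate the selection
# sequence of EMV Book 1 (sections 11.3 and 12) and Book 3 (READ RECORD, section
# 6.5.11) as terminal.txt lines. Le is omitted on SELECT and GPO, as in the lab's file.

PSE_NAME = "1PAY.SYS.DDF01"          # directory selected by name in the first SELECT

def select_apdu(name: bytes) -> str:
    """SELECT by DF name (P1=04), first or only occurrence (P2=00); Lc = len(name)."""
    return "00A40400" + f"{len(name):02X}" + name.hex().upper()

def read_record_apdu(sfi: int, record: int) -> str:
    """READ RECORD: P1 = record number, P2 = (SFI << 3) | 0b100, Le=00 (any length)."""
    if not 1 <= sfi <= 30 or not 1 <= record <= 255:
        raise ValueError("SFI must be 1..30 and record number 1..255")
    return "00B2" + f"{record:02X}" + f"{(sfi << 3) | 0x04:02X}" + "00"

def gpo_apdu(pdol_data: bytes = b"") -> str:
    """GET PROCESSING OPTIONS: data is the PDOL-related data wrapped in tag 83."""
    body = bytes([0x83, len(pdol_data)]) + pdol_data     # 8300 when the PDOL is empty
    return "80A80000" + f"{len(body):02X}" + body.hex().upper()

def terminal_script(aid_hex: str, sfi: int = 1, records: int = 1) -> str:
    """terminal.txt content: PSE select, READ RECORDs, app select, GPO, end marker."""
    lines = [select_apdu(PSE_NAME.encode("ascii"))]
    lines += [read_record_apdu(sfi, r) for r in range(1, records + 1)]
    lines += [select_apdu(bytes.fromhex(aid_hex)), gpo_apdu(), "0000000000"]
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    # Application ID taken from the lab's sample terminal.txt; replace it for your card.
    print(terminal_script("A0000000041010"), end="")
```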

As mentioned above, now run the terminal emulator with the following command:

python3 sclink.py --scterminal terminal.txt gg

What applications do you see on the card?

Are you able to start communication?

Bonus 2: MAC generation (2 points)

Say you know the card's master key to be:

79610497EFCB67E5546EF8CEBCB05D85

Can you regenerate the cryptogram (MAC) from the information obtained in the previous exercises?

You know the encryption algorithm is 3DES.

Besides the data from the previous exercises, you are also told that the Application Interchange Profile is 0x1000.

See EMV book 2, section 8.1.

ac/laboratoare/09.1763631391.txt.gz · Last modified: 2025/11/20 11:36 by marios.choudary
CC Attribution-Share Alike 3.0 Unported