Recent changes

Lab 10 - EMV Basics

We have presented in class the basic communication mechanisms in EMV, the protocol used in banking transactions. We have seen the low-level communication layer, as well as the higher layers of communication, including the format of commands (CAPDUs) and responses (RAPDUs). Furthermore, we have also seen an example of transaction.

Throughout this lab you'll have to analyze the transcript of a transaction, specifying what commands are being sent and what data is received from the card.

For this, you should get the EMV specification for contact/acceptance device (books 1-3) from http://emvco.com:

1. Answer-to-Reset (2p)

You are given the following ATR (each character represents a hexadecimal digit): 

3B6500002063CB6600

Decode it in order to understand the ATR parameters. Mention the available parameters.

See book 0 (contact specs), chapter “Answer to Reset”, section 8.2 (Characters Returned by ICC at Answer to Reset)

2. Card verification method (2p)

A card returns the following TLV as a response to a READ RECORD command (ignore the line breaks, this should be a single hexstring): 

70538D06910A8A0295058E0C0000000000000000410000008C219F02069F03069F1A02950
55F2A029A039C019F37049F35019F45029F4C089F34039F561380000FFFFF000000000000
00000000000000009F5501809000

Find what are the cardholder verification methods allowed.

Use this tool to decode the TLV (remove the spaces from above).

See the EMV book 3 for “Cardholder Verification Method (CVM) List” in Section 10.5 and Appendix C3.

3. Card verification method (2p)

A short part of the communication between terminal (T) and card (C) is as follows: 

T->C: 80CA9F1700
C->T: 6C04
T->C: 80CA9F1704
C->T: CA9F1701069000
  1. What is the command being sent by the terminal ?
  2. What is it asking for ?
  3. What is the value obtained in the end for that item ?

See EMV book 3:

  • section 6.3.5 for status bytes
  • section 6.3 and 6.5 for commands

4. Card-holder verification (2p)

A short part of the communication between terminal (T) and card (C) is as follows: 

T->C: 0020008008241111FFFFFFFFFF
C->T: 9000
  1. What is the command being sent by the terminal ?
  2. What is the data being sent by the terminal ?
  3. What is the response of the card? What does it mean ?

See EMV book 3:

  • section 6.3.5 for status bytes
  • section 6.3 and 6.5 for commands

5. Transaction authentication (2p)

A short part of the communication between terminal (T) and card (C) is as follows: 

T->C: 80AE80002B00000000000000000000000000008000000000000000000000000000003400000000000000000000410002
C->T: 612B
T->C: 00C000002B
C->T: C077299F2701809F360201349F2608817C3AAB208BE0659F10120310A00006250400000000000000000000FF9000
  1. What is the command being sent by the terminal ?
  2. What is the data being sent by the terminal ?
  3. What is the response of the card? What does it mean ?

See EMV book 3:

  • section 6.3.5 for status bytes
  • section 6.3 and 6.5 for commands

MAC generation (Bonus) (2p)

Say you know the card's master key to be: 

79610497EFCB67E5546EF8CEBCB05D85

Can you regenerate the cryptogram (MAC) from the information obtained in the previous exercises ?

You know the encryption algorithm is 3DES.

Besides the data from previous exercises, you are also given the Application Interchange Profile is 0x1000.

See EMV book 2, section 8.1.

Cursuri

Laboratoare

Teme

Resurse

Table of Contents

ac/laboratoare/10.txt · Last modified: 2024/01/11 16:30 by marios.choudary
Old revisions
Media ManagerBack to top
CC Attribution-Share Alike 3.0 Unported
www.chimeric.de Valid CSS Driven by DokuWiki do yourself a favour and use a real browser - get firefox!! Recent changes RSS feed Valid XHTML 1.0