Specifications
Smart Cards Lab COMPGA12 University College London
16 Bank Card Chip Exploration
Warning: your bank card belongs to your bank, not to you. It is specifically
written in card contracts. You are NOT allowed to do what you want with
your card. You are NOT allowed to hack your bank card.
Here we will do some very simple tests with reading some public zones
of the card to establish the basic capabilities of each card. The functional
specifications of bank cards are public (EMV Co), and in addition the cards
also contain a lot of proprietary data objects (which we cannot decode).
Students are asked not to try anything with their current UK bank card.
We will experiment with some old and foreign bank cards.
16.1 Select The Master File
We will implement the beginning of a bank transaction.
The main file in a bank card is always called: 1PAY.SYS.DDF01 or in
hex: 31 50 41 59 2E 53 59 53 2E 44 44 46 30 31
We will send the following command:
SELECT FILE by an AID
CLA INS P1 P2 Lc DataIn
00 A4 04 00 0E 31 50 41 59 2E 53 59 53 2E 44 44 46 30 31
16.2 Answer Status
Answer: .
The answer is typically:
SW1 SW2
61 Le
Where
61 == Normal Processing.
Le = the length of the file 1PAY.SYS.DDF01.
Errors:
Some cards return a proprietary error message, for example 6E 00.
It can also be one of the standard error messages:
.
Other cards answer with
SW1 SW2
6A 82
c
Nicolas T. Courtois 2009-10