Specifications

Smart Cards Lab COMPGA12 University College London

Answer obtained:

SW1 SW2

If the answer was indeed of form ’61 Le’, we will be able to recover the

answer:

GET RESPONSE

CLA INS P1 P2 Le

00 C0 00 00

Response obtained:

Here the card returns both:

1. Application Interchange Proﬁle (AIP): supported functions (for ex-

ample that the card supports SDA or DDA, and if the card supports

Cardholder veriﬁcation)

2. Application File Locator (AFL): pointers to application data available

(At this stage the terminal also sees if the card has stored records of transactions preformed oﬄine. These

will be taken into account in Terminal Risk Management).

16.8 Read Application Data

Now the terminal may read from the card all the data speciﬁed by the AFL.

If one objects repeats, some AFL object is missing, or some mandatory

object is not in AFL, or any kind of errors occurs, the terminal terminates

the transaction.

However according to the EMV spec it is not required that card veriﬁes

that the terminal conforms to all of this

Therefore we skip this stage.

16.9 Oﬄine Data Authentication

Here SDA, DDA or CDA can be performed.

This part is optional, or more precisely it can be performed later, and

typically the card does not check if it was performed.

We skip this part too.

Nicolas T. Courtois 2009-10