万事达卡 EMV 中的 GETCHALLENGE 问题 (6D00)
GETCHALLENGE issue(6D00) in EMV for MasterCard
对于 EMV 中的 GETCHALLENGE 请求 (0084000000),我们得到 VISA\DEBIT 卡的肯定响应,但对于 MASTERCARD,我们得到的响应为 6D00(指令代码不支持或无效)。
以下是在调用 MasterCard 的 Get Challenge 之前执行的命令序列。如您所见,CDOL 具有 ICC 动态号码的标签,当调用通过执行 get Challenge 命令获取动态号码时,我收到指令代码不支持的错误消息。
重置答案
响应:3b6d00000031c071d66419160100849000 Select支付系统目录
请求:00A404000E315041592E5359532E444446303100
响应:6f1a840e315041592e5359532e4444463031a5088801015f2d02656e9000
读取数据
请求:00B2010c00
响应:701a61184f07a0000000041010500a4d6173746572436172648701019000
Select申请
请求:00A4040007a000000004101000
响应:6f278407a0000000041010a51c500a4d6173746572436172648701015f2d02656ebf0c059f4d020b0a9000
获取处理选项
请求:80A8000002830000
响应:770a820238009404100105019000
内部验证
请求:0088000004E153F3E800
Response : 77539f4b508464f182032bd432f415ec7ddaa3e601526a2b860fcc9785475f8f45f095186e3658bc0a55bceb2d4c22fbded8af82bd81338e38961c5d000dd5a8f99d3ec0c774648534a2b362b55d4b9ee13f2043739000
读取数据
请求:00B2011400
Response : 7081835f25031402015f24031703315a08XXXXXXXXXXXXXXXX5f3401019f0702ff008e10000000000000000042015e0342031f039f0d05b8500408009f0e0500008800009f0f05b8700498008c219f02069f03069f1a0295055f2a029a039c019f37049f35019f45029f4c089f34038d0c910a8a0295059f37049f4c085f280208409f4a01829000
读取数据
请求:00B2021400
Response : 70689f080200025711XXXXXXXXXXXXXXXXd1703201021010792f5f2018XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX5f300202019f1f1a30303030303030323130313030303030303739323030303030309f420208409f4401029f49039f37049f4701039000
读取数据
请求:00B2031400
Response : 7081b79f4681b0c507d5fc6f008bf22f04484d0522f9a652df181559a938096558461a6a44a3acc8e1e64fb901a3bd5fa656ea1ec2eb2021d8ddab983aa5362ae0972bb717dc8f852da5a3ad03884c2ef06c4f2a7c56ff9891dd800707665569fb32bb05425c6d5a7461f2a604eb681d659bf052cad311af2b29e8a571a8e93a015814090eb13589e40756b5706e4e5bb75a1734f871aa6e6894f959f020854dfa9bca011340b470e5c45309f91486e7aa882a9109df708f01059000
读取数据
请求:00B2041400
Response : 7081b39081b057591da6a8901a96bb23f5ebbf6d86ae95b07395146a9a940833b1ba052e65676c9c4f7d0d86ec55f58a75647736b31895a7d1f439f777abc8866abd9054ebebed31f882fa05d6188da55f9a9ebf346e3a93e9cd0663fddaaa56f55d56ba37f5405804e873edd79fefd9957114e1c6826240b5ff049a0ea221310b1f25d6586863550673f979956de1df27f0bd91bfac6d4aa2b239d290b90a10b6b9f54ac006e3b917e3bb3e87e430ecb1927579fa979000
读取数据
请求:00B2051400
响应:702a9f3201039224be09660a5a008739dcaa90106e2d4e0b99d3996fb7284012c1255c17e2709a52cdb9d7cb9000
获取数据 - 申请交易计数器
请求:80CA9F3600
响应:6a88
获取数据 - 上次在线 ATC 登记
请求:80CA9F1300
响应:6a88
获取数据 - Pin Try Counter
请求:80CA9F1700
响应:9f1701039000
获取数据 - 日志格式
请求:80CA9F4F00
响应:9f4f119f27019f02065f2a029a039f36029f52069000
获得挑战
请求:0084000000
响应:6d00
请指教
对于 CDOL 的 ICC 动态号码,在 GPO 之后,需要对卡进行内部验证。这将为您提供签名的动态应用程序数据(这是在 ICC 私钥下签名的证书)。
以下是我使用您的 ICC Public 密钥打开的您提供的证书的内容。可以看到长度为08的ICC动态数据,C7C298C8C60E2984是你的动态编号。干杯,享受!!
具体是怎么做到的,需要看EMV 4.3 Book 2
安全和密钥管理第 6 节,离线动态数据认证。快乐学习。 完成后请告诉我,并接受此答案
DDA: Signed Dynamic Application Data Verification
****************************************
ICC PK Modulus:
BC41FF9CEF143DBC67F3FBF9F17565F5C948B0106CFF664BCB54EE935AC5E2119B1879AB1DEF5F456FFB7C21FB30329FADE04E62E749719C7C2920B91E3C459712D296F2A0CB3566AA46C55DBBEA6BEB
Signed Dynamic Application Data:
8464F182032BD432F415EC7DDAA3E601526A2B860FCC9785475F8F45F095186E3658BC0A55BCEB2D4C22FBDED8AF82BD81338E38961C5D000DD5A8F99D3EC0C774648534A2B362B55D4B9EE13F204373
----------------------------------------
Recovered Data: 6A05010908C7C298C8C60E2984BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBF97A677485DC0A64971C54099583FBD0F39870D0BC
Data Header: 6A
Signed Data Format: 05
Hash Algorithm Indicator: 01
Dynamic Data length: 09
ICC Dynamic Data: 08C7C298C8C60E2984
Pad Pattern: BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
Hash Result: F97A677485DC0A64971C54099583FBD0F39870D0
Data Trailer: BC
----------------------------------------
Recovered Data validation:
----------------------------------------
Step 1: Issuer PK Modulus and Signed Static Application Data having the same length: Passed
Step 2: Recovered Data Trailer check: Passed
Step 3: Recovered Data Header check (0x6A): Passed
Step 4: Certificate Format check (0x03): Passed
Step 5: Hash Input Data: 05010908C7C298C8C60E2984BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBE153F3E8
Step 6: Hashing Result: F97A677485DC0A64971C54099583FBD0F39870D0
Step 7: Hash Result Comparison: Passed
----------------------------------------
DDA Validation Succeed.
对于 EMV 中的 GETCHALLENGE 请求 (0084000000),我们得到 VISA\DEBIT 卡的肯定响应,但对于 MASTERCARD,我们得到的响应为 6D00(指令代码不支持或无效)。
以下是在调用 MasterCard 的 Get Challenge 之前执行的命令序列。如您所见,CDOL 具有 ICC 动态号码的标签,当调用通过执行 get Challenge 命令获取动态号码时,我收到指令代码不支持的错误消息。
重置答案
响应:3b6d00000031c071d66419160100849000 Select支付系统目录
请求:00A404000E315041592E5359532E444446303100
响应:6f1a840e315041592e5359532e4444463031a5088801015f2d02656e9000
读取数据
请求:00B2010c00
响应:701a61184f07a0000000041010500a4d6173746572436172648701019000
Select申请
请求:00A4040007a000000004101000
响应:6f278407a0000000041010a51c500a4d6173746572436172648701015f2d02656ebf0c059f4d020b0a9000
获取处理选项
请求:80A8000002830000
响应:770a820238009404100105019000
内部验证
请求:0088000004E153F3E800
Response : 77539f4b508464f182032bd432f415ec7ddaa3e601526a2b860fcc9785475f8f45f095186e3658bc0a55bceb2d4c22fbded8af82bd81338e38961c5d000dd5a8f99d3ec0c774648534a2b362b55d4b9ee13f2043739000
读取数据 请求:00B2011400
Response : 7081835f25031402015f24031703315a08XXXXXXXXXXXXXXXX5f3401019f0702ff008e10000000000000000042015e0342031f039f0d05b8500408009f0e0500008800009f0f05b8700498008c219f02069f03069f1a0295055f2a029a039c019f37049f35019f45029f4c089f34038d0c910a8a0295059f37049f4c085f280208409f4a01829000
读取数据
请求:00B2021400
Response : 70689f080200025711XXXXXXXXXXXXXXXXd1703201021010792f5f2018XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX5f300202019f1f1a30303030303030323130313030303030303739323030303030309f420208409f4401029f49039f37049f4701039000
读取数据
请求:00B2031400
Response : 7081b79f4681b0c507d5fc6f008bf22f04484d0522f9a652df181559a938096558461a6a44a3acc8e1e64fb901a3bd5fa656ea1ec2eb2021d8ddab983aa5362ae0972bb717dc8f852da5a3ad03884c2ef06c4f2a7c56ff9891dd800707665569fb32bb05425c6d5a7461f2a604eb681d659bf052cad311af2b29e8a571a8e93a015814090eb13589e40756b5706e4e5bb75a1734f871aa6e6894f959f020854dfa9bca011340b470e5c45309f91486e7aa882a9109df708f01059000
读取数据
请求:00B2041400
Response : 7081b39081b057591da6a8901a96bb23f5ebbf6d86ae95b07395146a9a940833b1ba052e65676c9c4f7d0d86ec55f58a75647736b31895a7d1f439f777abc8866abd9054ebebed31f882fa05d6188da55f9a9ebf346e3a93e9cd0663fddaaa56f55d56ba37f5405804e873edd79fefd9957114e1c6826240b5ff049a0ea221310b1f25d6586863550673f979956de1df27f0bd91bfac6d4aa2b239d290b90a10b6b9f54ac006e3b917e3bb3e87e430ecb1927579fa979000
读取数据
请求:00B2051400
响应:702a9f3201039224be09660a5a008739dcaa90106e2d4e0b99d3996fb7284012c1255c17e2709a52cdb9d7cb9000
获取数据 - 申请交易计数器
请求:80CA9F3600
响应:6a88
获取数据 - 上次在线 ATC 登记
请求:80CA9F1300
响应:6a88
获取数据 - Pin Try Counter
请求:80CA9F1700
响应:9f1701039000
获取数据 - 日志格式
请求:80CA9F4F00
响应:9f4f119f27019f02065f2a029a039f36029f52069000
获得挑战
请求:0084000000
响应:6d00
请指教
对于 CDOL 的 ICC 动态号码,在 GPO 之后,需要对卡进行内部验证。这将为您提供签名的动态应用程序数据(这是在 ICC 私钥下签名的证书)。
以下是我使用您的 ICC Public 密钥打开的您提供的证书的内容。可以看到长度为08的ICC动态数据,C7C298C8C60E2984是你的动态编号。干杯,享受!!
具体是怎么做到的,需要看EMV 4.3 Book 2 安全和密钥管理第 6 节,离线动态数据认证。快乐学习。 完成后请告诉我,并接受此答案
DDA: Signed Dynamic Application Data Verification **************************************** ICC PK Modulus: BC41FF9CEF143DBC67F3FBF9F17565F5C948B0106CFF664BCB54EE935AC5E2119B1879AB1DEF5F456FFB7C21FB30329FADE04E62E749719C7C2920B91E3C459712D296F2A0CB3566AA46C55DBBEA6BEB Signed Dynamic Application Data: 8464F182032BD432F415EC7DDAA3E601526A2B860FCC9785475F8F45F095186E3658BC0A55BCEB2D4C22FBDED8AF82BD81338E38961C5D000DD5A8F99D3EC0C774648534A2B362B55D4B9EE13F204373 ---------------------------------------- Recovered Data: 6A05010908C7C298C8C60E2984BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBF97A677485DC0A64971C54099583FBD0F39870D0BC Data Header: 6A Signed Data Format: 05 Hash Algorithm Indicator: 01 Dynamic Data length: 09 ICC Dynamic Data: 08C7C298C8C60E2984 Pad Pattern: BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB Hash Result: F97A677485DC0A64971C54099583FBD0F39870D0 Data Trailer: BC ---------------------------------------- Recovered Data validation: ---------------------------------------- Step 1: Issuer PK Modulus and Signed Static Application Data having the same length: Passed Step 2: Recovered Data Trailer check: Passed Step 3: Recovered Data Header check (0x6A): Passed Step 4: Certificate Format check (0x03): Passed Step 5: Hash Input Data: 05010908C7C298C8C60E2984BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBE153F3E8 Step 6: Hashing Result: F97A677485DC0A64971C54099583FBD0F39870D0 Step 7: Hash Result Comparison: Passed ---------------------------------------- DDA Validation Succeed.