B67137 PDF

Download as pdf or txt
Download as pdf or txt
You are on page 1of 138

APTRA™ NDC Business Services

EMV™ Integrated Circuit Card (ICC)


Reference Manual

B006‐7137‐A000
Issue 1
October 2012

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.
Copyright and Trademark Information

The products described in this document are copyrighted works of NCR Corporation.

NCR and APTRA are trademarks of NCR Corporation.


EMV is a trademark of EMVCo LLC.
Microsoft and Windows is a registered trademark of Microsoft Corporation in the United States and/or other countries.
Adobe and Reader are registered trademarks of Adobe Systems Incorporated.

All other trademarks are the property of their respective owners.

This publication supports NCR EMV/ CAM2 functionality for both APTRA Activate NDC Business Services and APTRA
Edge NDC Business Services on Microsoft Windows.

Disclaimer:

It is the policy of NCR Corporation to improve products as technology, components, software and firmware become
available. NCR therefore reserves the right to change specifications without prior notice.

All features, functions and operations described herein may not be marketed by NCR in all parts of the world. In some
instances, photographs are of equipment prototypes. Therefore, before using this document, consult with your NCR
representative or NCR office for information that is applicable and current.

To maintain the quality of our publications, we need your comments on the accuracy, clarity, organisation and value of
this book.

Address correspondence to:

NCR Financial Solutions Group Ltd


Information Solutions Feedback
Discovery Centre
3 Fulton Road
Dundee, Scotland
DD2 4SW

© 2012
By NCR Corporation
Duluth, Georgia, USA
All Rights Reserved

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.
Federal Communications Commission (FCC) Radio Frequency Interference Statement

Federal Communications
Commission (FCC) Radio Frequency
Interference Statement

Note: This equipment has been tested and found to comply with
the limits for a Class A digital device, pursuant to Part 15 of the
FCC Rules. These limits are designed to provide reasonable
protection against harmful interference when the equipment is
operated in a commercial environment. This equipment
generates, uses, and can radiate radio frequency energy and, if not
installed and used in accordance with the instruction manual,
may cause harmful interference to radio communications.
Operation of this equipment in a residential area is likely to cause
harmful interference in which case the user will be required to
correct the interference at his own expense.

This digital apparatus does not exceed the Class A limits for radio
Canadian Class A Device noise emissions from digital apparatus set out in the Radio
Declaration Interference Regulations of the Canadian Department of
Communications.
Le présent appareil numérique n’émet pas de bruits
radioélectriques dépassant les limites applicables aux appareils
numériques de la classe A prescrites dans le Réglement sur le
brouillage radioélectrique édicté par le ministère des
Communications du Canada.

This equipment must be installed and used in strict accordance with


Information to User the manufacturer’s instructions. However, there is no guarantee
that interference to radio communications will not occur in a
particular commercial installation. If this equipment does cause
interference, which can be determined by turning the equipment off
and on, the user is encouraged to consult an NCR service
representative immediately.

Caution NCR Corporation is not responsible for any radio or television


interference caused by unauthorised modifications of this
equipment or the substitution or attachment of connecting cables
and equipment other than those specified by NCR. Such
unauthorised modifications, substitutions, or attachments may void
the user’s authority to operate the equipment. The correction of
interference caused by such unauthorised modifications,
substitutions, or attachments will be the responsibility of the user.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services EMV™ Integrated Circuit Card (ICC) Reference Manual iii
Federal Communications Commission (FCC) Radio Frequency Interference Statement

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

iv APTRA™ NDC Business Services EMV™ Integrated Circuit Card (ICC) Reference Manual
Revision Record

Date Page Description Of Change

October All New publication


2012

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual v
Confidential and proprietary information of NCR.
Unauthorised use, reproduction and/or distribution is strictly prohibited.

vi APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Table of Contents

Contents

Federal Communications Commission (FCC) Radio Frequency


Interference Statement

Preface

About This Publication ........................................................................... xi


Supported Software Releases .......................................................... xi
Who Should Read This Publication?.............................................. xi
Abbreviations Used in This Publication........................................ xi
What Is in This Publication?...........................................................xii
What Experience Should I Have? ..................................................xii
What Else Should I Read?...............................................................xii

Chapter 1
Introduction to ICC Processing

What Is ICC Processing? ......................................................................1‐1


ICC Processing Overview..............................................................1‐1
EMV Standards Compliance................................................................1‐3
Implementation Compliance.........................................................1‐3
Unsupported and Partially Supported Functions......................1‐3
Host Processing .....................................................................................1‐5
Brand Approval ..............................................................................1‐5
PIN Entry .........................................................................................1‐5
Track 2 Data .....................................................................................1‐5
Transaction Amount.......................................................................1‐6
Account Type ..................................................................................1‐6
Fallback.............................................................................................1‐6
Offline Decline.................................................................................1‐8
Receipt Printing...............................................................................1‐8
Script Errors and Card Declines on Second GENAC Command .
1‐9
Zero Length Objects........................................................................1‐9

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual vii
Table of Contents

Transaction Request EMV Buffer Position ..................................1‐9


Multiple Transaction Requests......................................................1‐9
Tracing Mechanisms.....................................................................1‐10
EMV Checksum.............................................................................1‐11

Chapter 2
SST to Host Messages

Overview ................................................................................................2‐1
SST Application Version Information ................................................2‐2
SST Hardware Information ..................................................................2‐3
Transaction Request Message Format ................................................2‐4
Message Format ..............................................................................2‐4
CAM Flags .......................................................................................2‐7
Command Reject Messages..................................................................2‐9
Specific Command Rejects.............................................................2‐9
SCRW / MCRW Hardware Error Reporting....................................2‐10
Unsolicited Device Status Message ............................................2‐10
Unsolicited Device Status Message During Chip Power‐Up .2‐10
Solicited Device Status Message .................................................2‐10
ICC Application Solicited/ Unsolicited Error Message Format....2‐11
Issuer Script Results and Completion Data .....................................2‐13

Chapter 3
Host to SST Messages

Overview ................................................................................................3‐1
Customisation Data Commands .........................................................3‐2
EMV Configuration Message...............................................................3‐3
ICC Currency Data Objects Table.................................................3‐5
ICC Transaction Data Objects Table.............................................3‐7
ICC Language Support Table......................................................3‐10
ICC Terminal Data Objects Table ...............................................3‐12
ICC Terminal Acceptable Application IDs Table.....................3‐14
Transaction Reply................................................................................3‐24
Field ‘bc’ ‐ Transaction Data Objects Update Buffer................3‐27
Interactive Transaction Response......................................................3‐28

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

viii APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Table of Contents

Chapter 4
State Tables

State Tables.............................................................................................4‐1

Chapter 5
ICC Processing

Overview ................................................................................................5‐1
Issuer Script Processing ........................................................................5‐2
Data Object List (DOL) Processing .....................................................5‐3
BER‐TLV Data Object Processing........................................................5‐4
BER‐TLV Data Object Padding .....................................................5‐4
Terminal Specified BER‐TLV Data Objects .................................5‐4
Transaction Data Object List (TDOL) Processing ...........................5‐12
Printing EMV Data Values.................................................................5‐13
MAC Configuration ............................................................................5‐14
Terminal Verification Results (TVR) Processing ............................5‐16
Transaction Status Information (TSI) Processing ...........................5‐20
PIN Encryption and Verification.......................................................5‐22
ICC Application Name Display ........................................................5‐23
Voice Guidance ....................................................................................5‐24
Dynamic Currency Conversion.........................................................5‐25
Error Handling.....................................................................................5‐26
Fake ICC Application Errors .......................................................5‐27
ICC Application Journal Error Message ‐ Activate Only ..............5‐28
ICC Processing Termination ..............................................................5‐30
Authorisation Response Codes .........................................................5‐31

Appendix A
Related Documentation

Overview ...............................................................................................A‐1
Other NDC Business Services Documentation ................................A‐2
Other NCR Documentation ................................................................A‐3

Appendix B
Processing Restrictions

Overview ............................................................................................... B‐1

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual ix
Table of Contents

Restrictions ............................................................................................ B‐2


BER‐TLV Field Size........................................................................ B‐2
Candidate List Size ........................................................................ B‐2
Static Candidate List...................................................................... B‐2
Number of Application IDs in Download.................................. B‐3
Reading/Writing Magnetic Stripes .............................................. B‐3
Smart Card Reader/Writer (SCRW) ............................................ B‐3
Smart Dip Card Readers ............................................................... B‐3
Communications Protocols.......................................................... B‐3

Glossary
Glossary .................................................................................... Glossary‐1

User Feedback Form

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

x APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Preface
About This Publication

About This Publication

This publication covers EMV/CAM2 support for NDC Business


Supported Software Services.
Releases
This publication is a reference for any NDC Business Services
Who Should Read This developers who wish to configure Integrated Circuit Card (ICC)
Publication? Card Authentication Method (CAM) functionality to their
applications.
Before using this publication, you should be familiar with using
NDC Business Services, and have received the relevant training. For
more information on training availability, contact your local NCR
representative.
You should also be familiar with the relevant third‐party
specifications listed in the “Other NCR Documentation” section of
Appendix A, “Related Documentation”.

The following abbreviations are used in this publication:


Abbreviations Used in
This Publication
Abbreviation Used Meaning

ICC Integrated Circuit Card or smart card

CAM Card Authentication Method

EMV Europay Mastercard Visa.

The host Central NDC host computer

For a full list of abbreviations, see the Glossary.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual xi
Preface
About This Publication

The publication contains the following information:


What Is in This
Publication? Chapter 1, “Introduction to ICC Processing”
Provides an overview of ICC processing, and the functions
performed by it.

Chapter 2, “SST to Host Messages”


Provides details of the function and format of each type of EMV ICC
related message sent from the SST to the host.

Chapter 3, “Host to SST Messages”


Provides details of the function and format of each type of EMV ICC
related message sent from the host to the SST.

Chapter 4, “State Tables”


Provides details of the configuration options for EMV processing
that affect the application behaviour.

Chapter 5, “ICC Processing”


Provides specific information on the ICC processing, and the
functions performed.

Appendix A, “Related Documentation”


Provides details of the documentation you may find useful when
customising or extending your application and deploying it to an
SST.

Appendix B, “Processing Restrictions”


Lists the EMV ICC processing restrictions, of which you should be
aware.

You should have completed the following NCR intranet courses:


What Experience Should I
 EMV Technical Overview (course ID 32630)
Have?
 EMV for NDC Overview, Part 2 (course ID 32631)
For APTRA Activate users, NCR recommends the APTRA Activate
NDC Business Services training (Course ID 74959).
If you are a registered user, you can view details of these NCR
University courses at http://www.ncru.ncr.com.

You should be familiar with the NDC BS, Reference Manual


What Else Should I Read? (B006‐7073) as this EMV ICC Reference Manual is designed to
supplement that publication.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

xii APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Preface
About This Publication

All the documentation related to NDC Business Services and some


third‐party documentation, is listed and described in Appendix A,
“Related Documentation.”

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual xiii
Preface
About This Publication

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

xiv APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Table of Contents
Introduction to ICC Processing

Chapter 1
Introduction to ICC Processing

What Is ICC Processing? 1‐1


ICC Processing Overview 1‐1

EMV Standards Compliance 1‐3


Implementation Compliance 1‐3
Unsupported and Partially Supported Functions 1‐3
SST Objects 1‐3
Offline Static / Dynamic Data Authentication 1‐3
Terminal Action Analysis 1‐4
Terminal Risk Management 1‐4

Host Processing 1‐5


Brand Approval 1‐5
PIN Entry 1‐5
Track 2 Data 1‐5
Transaction Amount 1‐6
Account Type 1‐6
Fallback 1‐6
SST Configuration 1‐7
Host Processing 1‐7
First GENAC Error 1‐7
Offline Decline 1‐8
Receipt Printing 1‐8
Script Errors and Card Declines on Second GENAC Command
1‐9
Zero Length Objects 1‐9
Transaction Request EMV Buffer Position 1‐9
Multiple Transaction Requests 1‐9
Tracing Mechanisms 1‐10
EMV Kernel Trace 1‐10
Problem Determination and Journal Logs 1‐10
EMV Checksum 1‐11

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Table of Contents
Introduction to ICC Processing

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Introduction to ICC Processing
A

What Is ICC Processing?

What Is ICC Processing? 1

ICC (Integrated Circuit Card) processing enables the SST to accept


ICCs and perform the appropriate CAM (Card Authentication
Method) transaction processing. For more details refer to the .NET
EMV Card Services On‐line Documentation.
This ICC processing produces card verification information which is
supplied to the host, as described in Chapter 2, “SST to Host
Messages”.
The host can return similar verification information to the card, as
described in Chapter 3, “Host to SST Messages”.

The following steps give an overview of the ICC processing and at


ICC Processing Overview 1

which stages NDC Business Services is involved. For the purpose of


this overview, it is assumed that the card is an ICC and that the
transaction flow indicates that the card inserted is to be initialized as
an ICC.

1 When a card is inserted, the magnetic stripe is read from the


card. A solution may wish to only process the card as an ICC
where the track 2 from the magnetic stripe is found to contain
the ATB (Alternative Technology Byte) with a setting of ʹ2ʹ or ʹ6ʹ.
For the track 2 format, see ISO 7811: Identification Cards ‐
Recording Technique.

2 If the consumerʹs language preference is obtained during ICC


initialization, the consumer information is automatically
displayed in the preferred language. Alternatively, the
consumer can manually choose a language.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 1-1
Introduction to ICC Processing
What Is ICC Processing?

NDC Business Services provides configuration options for steps 3


&4

3 If there is more than one ICC application available, the ICC


applications are presented to the consumer. The consumer then
selects the ICC application to use. Alternatively, where
configured, the highest priority application can be automatically
selected.

4 If there is only one ICC application available, this can be


configured to be automatically selected. Alternatively, the
consumer is prompted to confirm / select the application.

5 If, during initialization, the SST determines that the ICC


application is not available or usable, the consumer is asked to
select another ICC application.

6 If there are no more ICC applications, or the choice is being


made automatically, the transaction flow displays the
appropriate message to the consumer.

7 If the account or product cannot be handled at the SST, the


transaction flow informs the consumer.

NDC Business Services provides configuration for PIN entry and


PIN Block generation in Step 8.

8 If the account or product can be handled, the consumer is asked


to enter the PIN for the account or product that relates to the
ICC application.

NDC Business Services in conjunction with the NDC Customiser


controls the interaction with the host in Steps 9 & 10.

9 The consumer then selects a service offered by the transaction


flow. Once this is done, a Transaction Request is sent to the host
with the CAM data included to enable authorization of the
transaction.

10 The host then responds to the Transaction Request with a


transaction reply containing CAM data.

11 Processing continues until the consumer completes all the


services required, or the host directs the SST to return the card,
and ends with a controlled termination of the transaction.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

1-2 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Introduction to ICC Processing
EMV Standards Compliance

EMV Standards Compliance 1

The NDC Business Services component is designed to be compliant


with the EMV specifications.
For details of compatibility with the EMV standard, refer to the
.NET EMV Card Services On‐line Documentation.
For more information about EMV, refer to http://www.emvco.com/.

The CAM ICC processing performed for NDC Business Services has
Implementation been designed to maximize flexibility and performance using
Compliance 1
configurable features. However, you need to be aware that certain
configurations in your SST network may result in partial
non‐compliance with Visa and/or MasterCard requirements.
NCR recommends you seek guidance from MasterCard and Visa to
ensure that your configured options do not contravene these
requirements.

Since the CAM ICC processing performed for NDC Business


Unsupported and Partially Services is for an online only (not offline) SST, some aspects of the
Supported Functions 1
standards are not applicable and are therefore not supported.
To improve SST performance, a number of areas identified in the
standards are also not supported.

SST Objects 1

Some objects are unsupported because they are not applicable to the
ICC processing performed.
The only objects maintained by CAM ICC are those identified in SST
specified“BER‐TLV Data Object Processing” in Chapter 5,
“Introduction to ICC Processing”. Where the content of an SST
maintained object is expected to be dynamically updated, the
support is as stated in the appropriate processing.

Offline Static / Dynamic Data Authentication 1

This functionality is not applicable because all transactions are


online only, with no need to perform any offline data
authentication.
The implication of not performing this processing is that an
imposter ICC application is detected as not genuine by the host,
rather than by the CAM ICC processing.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 1-3
Introduction to ICC Processing
EMV Standards Compliance

Terminal Action Analysis 1

Terminal Action Analysis (TAA) provides a decision point where


the SST decides whether to submit the transaction to the host or to
approve or reject it locally.
An NDC Business Services solution will always attempt to submit
the transaction to the host. The ‘Terminal Action Code ‐ Online’ is
not configurable and is always set to ‘FFFFFFFFFF’.
If a transaction cannot be submitted to the host, an NDC Business
Services solution will always decline the transaction. The ‘Terminal
Action Code ‐ Default’ is not configurable and is always set to
‘FFFFFFFFFF’.
The impact of this is that the SST does not query the ICC to
authorise transactions locally.

Terminal Risk Management 1

Terminal risk management (TRM) processing is provided through


Card Services. Refer to the .NET EMV Card Services On‐line
Documentation for further information.
The default (recommended) values provided are:
 FloorLimitChecking ‐ “IfRequired”
 RandomTransaction – “Never”
 VelocityChecking – “True”
The SST will use a floor limit value of zero, unless the host has
downloaded a different value for the floor limit.
Using the recommended TRM configuration, floor limit checking
will always be performed irrespective of the card’s application
interchange profile.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

1-4 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Introduction to ICC Processing
Host Processing

Host Processing 1

Where applicable, the NDC host is responsible and must cater for
the following requirements:
 Brand Approval
 PIN Entry
 Track 2 Data
 Transaction Amount
 Fallback
 Application Cryptogram
 Receipt Printing
 Script Errors & Card Declines on Second GENAC Command
 Zero Length Objects
 Transaction Request EMV Buffer Position

The Brand Approval process validates the requirements of payment


Brand Approval 1

systems, such as Visa or MasterCard, prior to deployment. Some


tests may have SST behaviour which depends on host processing.
As NDC Business Services is host‐controlled, some tests may
require specific host application behaviour.

The ICC contains information required by the SST to make decisions


PIN Entry 1

on PIN entry. A Financial Institution Table (FIT) match will be


attempted based on the (Primary Account Number) PAN of the
selected application on the ICC. The FIT data download controls the
number of PIN digits entered and the PIN Block encryption
algorithm used.
For details of FIT data download in the Card Service refer to
Chapter 3, “Financial Institution Tables” in the APTRA NDC
Business Services, Reference Manual.

Track 2 data can be sourced from the following fields in the


Track 2 Data 1

Transaction Request message:


 Field ‘h’ (Track 2 Data). For further information, refer to the
APTRA NDC Business Services, Reference Manual
 Field ‘bd2c’ (ICC data objects requested by the host). For further
information, see “Transaction Request Message Format” on
page 2‐4
By default, field ‘h’ contains the magnetic Track 2 data. When it is
requested, the Track 2 equivalent data from the chip (tag 0x57) is

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 1-5
Introduction to ICC Processing
Host Processing

sent to the host in field ‘bd2c’, together with all the other objects the
host has requested.
There are two ways the NDC host can decode the PIN buffer and
pass Track 2 information to the issuer, as follows:
 Recognize that the transaction is EMV based, and instead of
using the Track 2 data in the standard NDC Transaction Request
message, use the tag 0x57 data object in the CAM buffer.
However, this requires decoding of the CAM buffer, and
extraction and reformatting of the tag 0x57 object into the
standard Track 2 format; for example, addition of any start/end
sentinels, changing of any field separator characters, removal of
any padding ʹFʹ characters. Alternatively you can:
 Use an option in the ICC Terminal Acceptable Application IDs
Table (refer to “ICC Terminal Acceptable Application IDs
Table” on page 3‐14) to force the Track 2 data used by the EMV
transaction to be sent to the host in the standard NDC Track 2
data buffer. To do this, set field f18 ‘Track 2 Data for the Host’ to
the value ‘02’. This method should require no additional host
processing. As no magnetic Track 2 data is sent to the host,
fallback is not possible in some scenarios.

NDC Business Services will populate the Amount Other object (tag
Transaction Amount 1

9F03) with a zero value if the Amount Authorised object (tag 9F02)
is set.
These tags are sent to the host if requested.

NDC Business Services supports the Account Type object (tag 5F57)
Account Type 1

defined by EMV.
Activate Only
Configure the EMVAccountMapping property on the
AccountService class using the .NET Class Configurator to
provide suitable values for the Account Type based on the types of
account in use for a solution.
Edge Only
The account type value to be provided for each Account
AcquirerType in use by a solution is configurable through the
CAM2AccountConfiguration area in
NDCBSCAM2TerminalConfig.xml.

When the SST attempts to perform a transaction using an ICC and


Fallback 1

an error occurs, it is possible for the acquiring host to approve the


transaction based only on the magnetic stripe information. This
approval based on the magnetic stripe is often referred to as
fallback.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

1-6 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Introduction to ICC Processing
Host Processing

SST Configuration 1

NDC Business Services can be configured to allow fallback and a


subsequent request to be sent to the host for error and non‐error
scenarios at the various stages of ICC processing
up‐to‐and‐including pre‐authorisation of the selected ICC
application.

Host Processing 1

In order to make the decision to allow fallback, the host must know
the nature and position of the failure during EMV processing. This
can be determined by a combination of the CAM flags in the
Transaction Request message and the OpCode buffer.
The OpCode is used as a mechanism to communicate the POS Entry
mode to the host.
The NDC Customiser must be configured to set the operations code
appropriately for fallback scenarios, based on its access to the
SessionAccessToken property.

Activate Only
Refer to the .NET NDC Customiser On‐line Documentation.
Edge Only
Refer to the NDC Business Services On‐line Documentation.
First GENAC Error 1

The Card Service can be configured to fall back to the Magnetic


Stripe following a ‘failure’ on the first Generate Application
Cryptogram (GENAC) command.
Activate Only
Configuring an EMVFirstFenACFallbackCodesConfig on
NDCCardIssuerInfo will allow fallback for defined ‘SW1 SW2’
status bytes provided by the ICC in response to the GENAC
command, and is configurable for specific ICC Application
Identifiers.
For example, for MasterCard fallback an error status code of “69 85”
may be allowed.
Edge Only
Where TransactionRequestOnGenACFail is set to true in
NDCCAM2TerminalConfig.xml, fallback will be enabled for any
MasterCard, Cirrus or Maestro ICC application where SW1 and
SW2 status bytes of “69 85” are received in response to the first
GENAC command.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 1-7
Introduction to ICC Processing
Host Processing

An unsolicited CAM status message is sent to the host for the initial
GENAC command that has failed, followed by a Transaction
Request containing CAM data.
By going online, the SST is simply requesting the host to complete
the NDC transaction; the transaction is already complete according
to the ICC.
The NDC host recognizes this request, and in these specific cases
does not involve the card’s issuer, but deals with the request itself
and declines or authorises the magnetic striped based ‘fallback’
transaction.
The host can identify these scenarios by checking the Cryptogram
Information Data object sent by the SST, which for an offline decline
has bits 7 and 8 set to ‘00’, that is, AAC. Additionally, if the
Cryptogram Information Data object communicates “service not
allowed” where bits 1, 2 and 3 are set to ‘1’, ‘0’ and ‘0’ respectively,
the same host behaviour is expected.
In these fallback scenarios, the relevant “CAM Flags” (byte 1 bit 5)
will be set to ‘1’ to enable the host to identify the scenario.

In some cases, a transaction may be declined on the first Generate


Offline Decline 1

Application Cryptogram (GENAC) command.


The chip transaction is completed offline with the generation of an
AAC.
In this circumstance, NDC Business Services does not send a
Transaction Request message to the host.
NDC Business Services will instead send a fake CAM unsolicited
status message to the host with SW1 SW2 status bytes of “FF FF”.
This situation can occur if the SST declines the transaction after
terminal action analysis requests an AAC, or if the card declines the
transaction after returning an AAC to the first GENAC.

It is the host’s responsibility to print the consumer’s receipt and any


Receipt Printing 1

transaction information to the journal. This means the Application


Label, the Application Identifier (AID) and the Amount Authorised
should be requested by the host (as configured in a terminal
acceptable AID table download) in the Transaction Request. In this
way, the host can extract the information, format it appropriately,
and send the information back to the SST within the printer data
field of the Transaction Reply.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

1-8 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Introduction to ICC Processing
Host Processing

If the SST requests a Transaction Certificate (TC) in the second


Script Errors and Card Generate Application Cryptogram (GENAC) command but instead
Declines on Second receives an Application Authentication Cryptogram (AAC), the
GENAC Command 1 processing continues until all issuer scripts (if any) are performed,
and only then is a solicited error message sent to the host. The SST
will await a new Transaction Reply without CAM data.
The solicited error message is a fake ICC application‐level error
message with CLA = 0xFF, INS = 0xFF, P1 = 0xFF, P2 = 0xFF, Lc =
0x00, Le = 0x00, SW1 = 0xFF and SW2 = 0xFF, containing any
host‐requested completion objects and any issuer script results.
This solicited error message is also sent to the host when a script
fails. This enables the host to complete the transaction with a
different consumer message; for example, the displayed message
could read ‘Sorry, your PIN could not be changed’ after a failed PIN
Change script.
To determine the reason behind this error, the host must check the
host completion objects, specifically the Cryptogram Information
Data (9F27) object, to establish the cryptogram returned by the card.
In the case of a card decline on the second GENAC command, this
object will be set to AAC and the host should close down the NDC
transaction. If however, the object instead contains a TC, the
transaction has been approved and despite the script failure the host
will continue the transaction.
As Enhanced Configuration Option 69 is not supported by NDC
Business Services, there is no option to stop the SST sending the
solicited script error even when the cryptogram requested by the
host is successfully generated by the card.

Zero‐length fields in the EMV buffers of the Transaction Reply


Zero Length Objects 1

message will result in the message being rejected unless the


zero‐length field is in the Issuer Script field. If a script command
(tag 0x86) within the Issuer Script field of the Transaction Reply is
found to be of zero length, this is treated as an invalid script.

The EMV CAM Transaction Request data buffer for NDC Business
Transaction Request EMV Services is provided in field ‘bd’ with buffer identifier ‘5’. For full
Buffer Position 1
details of the Transaction Request message format, refer to the
APTRA NDC Business Services, Reference Manual.

If EMV data is sent to the host in multiple transaction requests (that


Multiple Transaction is, multiple requests during a single transaction), the EMV token can
Requests 1
be pre‐authorised before each transaction request. For example, this
is used in PIN change transactions where the different PIN blocks
are communicated separately to the host.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 1-9
Introduction to ICC Processing
Host Processing

Activate Only
For further information refer to the APTRA NDC Business Services,
Reference Manual.
Edge Only
For further information refer to the .NET NDC Business Services
On‐line Documentation.

Tracing can be enabled for debugging and testing.


Tracing Mechanisms 1

EMV Kernel Trace 1

EMV commands sent to and from the ICC can be traced by setting
the appropriate KernelTracingLevel for the Card Service. For details
refer to the .NET EMV Card Services On‐line Documentation.

Problem Determination and Journal Logs 1

Problem Determination and journal logs trace EMV information,


but some of this information may be customer sensitive and masked
for PCI DSS compliance.
For security reasons, the values of the following BER‐TLV objects
will not be traced by default. Each byte of the value field will be
replaced with an asterisk (*).

Tag Name Tag

Track2 Equivalent Data 57

Track1 Discretionary Data 9F1F

Track2 Discretionary Data 9F20

Application Primary Account 5A (First and last 4 characters will


Number be traced)

Application Primary Account 5F34


Number Sequence Number

Consumer Name 5F20

Consumer Name Extended 9F0B

International Bank Account 5F53


Number

Transaction PIN 99

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

1-10 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Introduction to ICC Processing
Host Processing

Tag Name Tag

Unpredictable Number 9F37

Application Expiry date 5F24

Service Code 5F30

Activate Only
Additional EMV tagged objects may be masked by configuration of
the AdditionalCAMTags property of the
ApplicationConnectionNDC class using the .NET Class
Configurator.
Edge Only
Additional tags for masking can be placed in the
NDCEMVCAM2MaskTags.xml configuration file .
A deployed SST should always provide this default masking as
above, as otherwise sensitive consumer information will be
captured in the Electronic Journal or PD trace log files.
Enabling logging will increase the transaction times but the traces
are useful for debugging issues with specific cards, and obtaining
test evidence in any Brand Approval process.
Additional Journal Tracing
ICC application journal error messages are written to the journal;
see “ICC Application Journal Error Message ‐ Activate Only” on
page 5‐28.

The SST produces an EMV checksum covering the EMV kernel


EMV Checksum 1

software. This checksum is required by EMV and is produced using


the SHA‐1 Hash algorithm on terminal‐resident data, for example
component version numbers, operating system, and SST
capabilities.
The Card Service traces this checksum to a Problem Determination
trace log.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 1-11
Introduction to ICC Processing
Host Processing

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

1-12 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Table of Contents
SST to Host Messages

Chapter 2
SST to Host Messages

Overview 2‐1

SST Application Version Information 2‐2

SST Hardware Information 2‐3

Transaction Request Message Format 2‐4


Message Format 2‐4
CAM Flags 2‐7

Command Reject Messages 2‐9


Specific Command Rejects 2‐9

SCRW / MCRW Hardware Error Reporting 2‐10


Unsolicited Device Status Message 2‐10
Unsolicited Device Status Message During Chip Power‐Up 2‐10
Solicited Device Status Message 2‐10

ICC Application Solicited/ Unsolicited Error Message Format 2‐11

Issuer Script Results and Completion Data 2‐13

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Table of Contents
SST to Host Messages

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
SST to Host Messages
B

Overview

Overview 2

This chapter provides information on the following topics:


 SST Application Version Information
 SST Hardware Information
 Transaction Request Message Format
 Command Reject Messages
 SCRW/MCRW Hardware Error Reporting
 ICC Application Solicited / Unsolicited Error Message
 Issuer Script Results and Completion Data.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 2-1
SST to Host Messages
SST Application Version Information

SST Application Version Information 2

Unlike APTRA Advance NDC, EMV specific software identification


information is not provided in response to a Send Software ID
(Command Code ‘7’, modifier ‘5’) or Send Configuration
Information Terminal Command message (Command Code ‘7’, no
modifier).

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

2-2 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
SST to Host Messages
SST Hardware Information

SST Hardware Information 2

To enable the host to identify SSTs configured with a Smart Card


Reader Writer (SCRW), the SST’s response to a Terminal Command
message with Command Code ‘7’ (Send Configuration Information)
with or without Command Modifier ‘1’ (Send Hardware
Configuration/Send Configuration Information) can indicate in field
ʹg4ʹ that the SCRW is one of the following smart card variants:

Value (Hex) Variant Description

08 Track 2 Smart Card Reader

09 Track 1/2/3 Smart Card Reader

0A 3 Track Write Smart Card Reader

1D Dip And Smart Hardware (DASH) Card Reader

1F Track 123 Smart Card Reader with MM

20 Track 3 Smart Card Reader with MM

For a complete list of all the possible MCRW/SCRW variants in


NDC Business Services, including the non‐smart card MCRW
values, refer to the APTRA NDC Business Services, Reference Manual.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 2-3
SST to Host Messages
Transaction Request Message Format

Transaction Request Message Format 2

This section defines the format of the additional smart card data
held in field ‘bd1’ of the Transaction Request message. This message
will also contain the smart card data that the host requires to
authorise a smart card transaction at the SST.
The message is sent during a consumer transaction, either as a full
Transaction Request or in response to an Interactive Transaction
Request.
For full details of the Transaction Request message format, refer to
the APTRA NDC Business Services, Reference Manual.
For details of the issuer script results and completion data which
can be included, see “Issuer Script Results and Completion Data” on
page 2‐13.

Message Format 2

Number of
Field Mandatory/Optional Description
Characters

FS 1 See Note 1: Field Separator.

bd1 1 See Note 1: Buffer identifier. The value is fixed as ʹ5ʹ to indicate smart card data.

bd2 ‐ ‐ Smart card data ‐ see sub‐fields:

bd2a 3 See Note 1: Smart card data identifier.

CAM ‐ data in buffer is for CAM

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

2-4 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
SST to Host Messages
Transaction Request Message Format

Number of
Field Mandatory/Optional Description
Characters

bd2b 4 See Note 1: CAM Flags.

For values, see “CAM Flags” on page 2‐7.

bd2c Var See Note 1:, ICC data objects requested by the host.
Note 2: and
Note 3: All the available data objects referenced in field f11 of the ICC
Terminal Acceptable Application IDs Table entry, and for which the
Full/Partial Primary Application ID Value matches the currently
selected ICC Application AID, are included in this field as individual
BER‐TLV formatted data objects. For details, see “ICC Terminal
Acceptable Application IDs Table” on page 3‐14.

For example, with the following tags from field ’f11’:

Application Identifier (AID) 0x9F06


Track 2 Equivalent Data 0x57
Application PAN 0x5A
Application PAN Sequence Number 0x5F34
Cryptogram Information Data 0x9F27
Application Cryptogram 0x9F26
Issuer Application Data 0x9F10
Application Interchange Profile (AIP) 0x82
Application Transaction Counter (ATC) 0x9F36
CDOL1 0x8C
PIN Retry Count 0x9F17

This field would contain the following (actual values will vary):

ʹ9F 06 07 A0 00 00 00 08 00 01 57 12 12 34 56 78 90 12 34 56 78 90 D9 90
10 81 23 45 67 89 5A 0A 12 34 56 78 90 12 34 56 78 90 5F 34 01 00 9F 27 01
00 9F 26 08 12 34 56 78 90 12 34 56 9F 10 07 06 01 01 03 A0 00 00 82 02 7C
00 9F 36 02 01 23 8C 15 9F 02 06 9F 03 06 9F 1A 02 95 05 5F 2A 02 9A 03
9C 01 9F 37 04 9F 17 01 03ʹ

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 2-5
SST to Host Messages
Transaction Request Message Format

Number of
Field Mandatory/Optional Description
Characters

bd2d Var See Note 1:, Further ICC data objects requested by the host; see “ICC Transaction
Note 2:, Note 3: Data Objects Table” on page 3‐7.
and Note 4:
All the available data objects referenced within Card Risk
Management Data Object List 1 (CDOL1, tag 0x8C) are included in this
field as individual BER‐TLV formatted data objects.

If a BER‐TLV data object is referenced in CDOL1, but is already


present in field bd2c, it is not repeated in this field.

For example, if CDOL1 references the following tags (as per Visa
Cryptogram Version Number 10):

Amount, Authorised 0x9F02


Amount, Other 0x9F03
Terminal Country Code 0x9F1A
Terminal Verification Results (TVR) 0x95
Transaction Currency Code 0x5F2A
Transaction Date 0x9A
Transaction Type 0x9C
Unpredictable Number 0x9F37

Then this field would contain the following (actual values will vary):

ʹ9F 02 06 00 00 00 00 20 00 9F 03 06 00 00 00 00 00 00 9F 1A 02 08 26 95 05
80 00 04 00 00 5F 2A 02 08 26 9A 03 00 07 11 9C 01 00 9F 37 04 78 12 25
98ʹ

Note 1: These fields are only included in the Transaction Request if


the first GENAC command results in an Authorisation Request
Cryptogram (ARQC) or a failing first GENAC command is
configured for fallback.

Note 2: If no data objects are identified, none are present and this
field is not present.

Note 3: If a data object held in fields ʹbd2cʹ and ʹbd2dʹ is not


available, the data object is not present.

Note 4: If CDOL1 has invalid content, as described in “Data Object


List (DOL) Processing” on page 5‐3, “ICC Processing”, no data
objects are present in field ʹbd2dʹ, so this field is not present.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

2-6 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
SST to Host Messages
Transaction Request Message Format

NDC Business Services provides partial support for CAM Flags.


CAM Flags 2

There are 16 available CAM flags. These are encoded as the bits in
two bytes, and are converted to ASCII hex (four bytes) for
transmission. Each can have the value 0 or 1, with the following
meanings:

NDC Business
Byte Bit Value Description
Services Support

1 8 ‐ Reserved. ‐

7 ‐ Reserved. ‐

6 0 or 1 0 ‐ Full CAM processing No Support


1 ‐ Partial CAM processing

5 0 or 1 0 ‐ Transaction not declined offline. No Support


1 ‐ Transaction declined offline.

4 0 or 1 0 ‐ Application data retrieval successful. No Support


1 ‐ Application data retrieval failed.

3 0 or 1 0 ‐ Get processing options successful. No Support


1 ‐ Get processing options failed.

2 0 or 1 0 ‐ Application selection successful. No Support


1 ‐ Application selection failed.

1 ‐ Reserved. ‐

2 8 0 or 1 0 ‐ Processing options Data Object List (PDOL) data valid. No Support


1 ‐ PDOL data invalid.

7 0 or 1 0 ‐ Card risk management Data Object List 1 (CDOL1) data valid. No Support
1 ‐ CDOL1 data invalid.

6 0 or 1 0 ‐ Generate Application Cryptogram (AC) successful. Supported


1 ‐ Generate AC failed.

5 ‐ Reserved. ‐

4 0 or 1 0 ‐ CAM processing not yet successfully performed. Supported


1 ‐ CAM processing previously successfully performed.

3 1 CAM processing was initiated. Supported

2 0 Reserved. ‐

1 0 Reserved. ‐

If CAM processing was previously completed successfully in a


transaction chain (for example, was completed on the first service,
prior to the second service, and within the same card insertion),
then byte 2 bit 4 indicates this.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 2-7
SST to Host Messages
Transaction Request Message Format

The points of successful completion are:


 When CAM processing performs the second ICC ‘GENERATE
APPLICATION CRYPTOGRAM’ command requesting a
Transaction Certificate (TC) and obtains a TC, or
 When CAM processing performs the second ICC ‘GENERATE
APPLICATION CRYPTOGRAM’ command requesting an
Application Authorisation Cryptogram (AAC) and obtains an
AAC.
If an unexpected failure occurs during processing, the point of
failure is indicated by byte 2, bit 6.
If an ICC ʹGENERATE APPLICATION CRYPTOGRAMʹ command
is submitted with CDOL1 but fails, byte 2 bit 6 is set to 1.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

2-8 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
SST to Host Messages
Command Reject Messages

Command Reject Messages 2

CAM introduces the possibility of new values in the solicited status


messages, that is, specific command rejects. These rejects will be
replaced with a standard command reject (ʹAʹ) if specific command
reject processing has not been enabled. This publication assumes
that specific command reject processing is enabled.

The following table describes the possible values for specific


Specific Command Rejects 2

command reject messages:

Value Meaning

B91 ICC Currency Data Objects Table data or data format is


invalid.

B92 ICC Transaction Data Objects Table data or data format is


invalid.

B93 ICC Language Support Table data or data format is


invalid.

B94 ICC Terminal Data Objects data or data format is invalid.

B95 Reserved.

B96 Reserved.

B97 The SST expected CAM data in the host response to a


Transaction Request, but either no CAM data was included
or CAM data was included but the data or data format was
invalid.

B98 The SST did not expect CAM data in the host response to a
Transaction Request as either no CAM data was sent in the
Transaction Request or CAM data was already included in
an earlier response corresponding to the same Transaction
Request.

B99 Not supported by .NET NDC Business Services.

Wxx ICC Terminal Acceptable Application IDs Table data or


data format is invalid.

Where ʹxxʹ is an ASCII hexadecimal value in the range ʹ00ʹ


to ʹFFʹ inclusive identifying which entry number failed.

If the entry number is not available or is out of range, ʹxxʹ


defaults to ʹFFʹ.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 2-9
SST to Host Messages
SCRW / MCRW Hardware Error Reporting

SCRW / MCRW Hardware Error


Reporting 2

The following sections describes error reporting for smart and


magnetic card reader/writer devices.

When an error at the hardware/physical level occurs while


Unsolicited Device Status performing a SCRW command, T‐Code values are reported in the
Message 2
Transaction Status field (field g2/e2) of the MCRW device status
message.
The T_CODE field values which can be returned from the SCIF are:
 08H Fatal SCIF error
 09H SCIF warning; all commands available.
Any other T‐Code does not relate to EMV Exits.
An example of an EMV hardware error is:
12<FS>000<FS><FS>D9<FS>2<FS>817020000000<FS>0.

The SST attempts to power on the chip card up to three times. Each
Unsolicited Device Status failure will result in an unsolicited error being sent to the host. This
Message During Chip will have a T‐Code of 8H (as stated above).
Power‐Up 2

When the External Authenticate, GENAC 2 and Issuer Script


Solicited Device Status processing is performed, a physical device error can occur during
Message 2
communications with the ICC, resulting in the following T_CODE
values:
 08H Fatal SCIF error
 09H SCIF warning; all commands available.
Any other T‐Code is not possible as the only activity will be
communication with the ICC.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

2-10 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
SST to Host Messages
ICC Application Solicited/ Unsolicited Error Message Format

ICC Application Solicited/


Unsolicited Error Message Format 2

Errors are reported using standard NDC solicited/unsolicited error


messages. Fields g1/e1 to g5/e5 (inclusive) are used as described in
the following table.
The data transmitted is intended to help you identify as accurately
as possible the point at which the command submitted to the ICC
failed.

Note: Field g4/e4 normally contains binary values. These values


are converted to ASCII hex for transmission; for example, the
single‐byte value 0x9A would be transmitted as the two‐byte value
ʹ9Aʹ. The table shows the message formats as they would be
transmitted by the SST.
The following error message can also be produced with invalid
issuer script results and completion data; for more information, see
“Issuer Script Results and Completion Data” on page 2‐13.

Number of
Field Mandatory/Optional Description
Characters

g1/ 1 M Device Identifier Graphic ʹcʹ (Smart card application level error)
e1

g2/ 1 M Transaction Status.


e2
Always = 1.

FS 1 M Field Separator.

g3/ 1 M Error Severity.


e3
Always = 2.

FS 1 M Field Separator.

g4/ Var. M Diagnostic Status ‐ see sub‐fields:


e4

g4a/ 3 M ICC application type selected when command failed.


e4a
ʹCAMʹ ‐ CAM
The ʹS&Sʹ value representing ‘No ICC application selected’ is not
applicable for NDC Business Services and so this field will always be
‘CAM’.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 2-11
SST to Host Messages
ICC Application Solicited/ Unsolicited Error Message Format

Number of
Field Mandatory/Optional Description
Characters

g4b/ Var. See Note 1: Application Identifier (AID) (tag 0x9F06).


e4b (up to 38)
AID of selected application when command failed in BER‐TLV format.

g4c/ 2 M CLA ‐ Class of instruction of command that failed.


e4c

g4d/ 2 M INS = Instruction of command that failed.


e4d

g4e/ 2 M P1 = Parameter 1 of command that failed.


e4e

g4f/ 2 M P2 = Parameter 2 of command that failed.


e4f

g4g/ 2 M Lc = Length of command data for command that failed.


e4g See Note 2:

g4h/ Var. CmdData = Command data for command that failed.


e4h (2 x Lc)

g4i/ 2 M Le = Length of response data for command that failed.


e4i See Note 2:

g4j/ Var. RspData = Response data for command that failed.


e4j (2 x Le)

g4k/ 2 M SW1 = Status word 1, indicating why command failed.


e4k

g4l/ 2 M SW2 = Status word 2, indicating why command failed.


e4l

FS ‐ ‐ Field Separator.

Not present, as field g5/e5 not used.

g5/ ‐ ‐ Not present, as not used.


e5

Note 1: This field is only present if an ICC application has been


selected.

Note 2: These fields will show the length of the command and
response data even if CmdData and RspData are not included.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

2-12 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
SST to Host Messages
Issuer Script Results and Completion Data

Issuer Script Results and Completion


Data 2

When one or more issuer scripts are sent to the SST, the host will
require the results of the issuer script processing. The following are
scenarios in which Valid issuer scripts have been received by the
SST:
 A valid Transaction Reply containing valid CAM data,
including issuer scripts, has been received.
 A valid ITR (Interactive Transaction Response) containing valid
CAM data, including issuer scripts, has been received. A
corresponding valid Transaction Reply, with no CAM data of its
own, has also been received.
If one or more issuer scripts have been received by the SST, the
issuer script processing results are appended to the field ʹg4ʹ/ʹfʹ and
sent to the host in the next solicited status message (except for
command rejects or specific command rejects). For the message
format, see the table on the next page.
The selected ICC application AID will have a matching table entry
in the ʹICC Terminal Acceptable AIDs Tableʹ. This entry identifies
data objects required by the host upon completion of ICC
processing (also referred to as Completion Data). For details see
“ICC Terminal Acceptable Application IDs Table” on page 3‐14.
If available, the required data objects are provided to the host on the
next solicited status message (except for command rejects or specific
command rejects) sent in response to a valid Transaction Reply,
where valid CAM data has been received either in the Transaction
Reply or an earlier related valid ITR. If these conditions are met, the
required data objects are appended to the end of field ʹg4ʹ/ʹfʹ. For the
message format, see the table on the next page.

Note: The additional data (host‐required data objects and/or issuer


script results) is attached to the end of field ʹfʹ if the solicited status
message is a Ready ʹ9ʹ or Ready ʹBʹ, otherwise, the data is attached to
the end of field ʹg4ʹ (following Extended Diagnostic Data if present).
To ensure that the host obtains the issuer script results and required
data objects (also referred to as Completion Data), the ʹLast
Transaction Status Informationʹ buffer (buffer id ʹ2ʹ) of the next
Transaction Request message sent to the host has the same data
appended to it as was sent in the solicited status message, unless
another valid FieldNumber of Transaction Reply has been received
since. The appended data corresponds to the transaction being

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 2-13
SST to Host Messages
Issuer Script Results and Completion Data

performed when the last valid Transaction Reply was received by


the SST.
If a Transaction Reply has been received, but no issuer scripts have
been received, no issuer script results will be present in the Last
Transaction Status Information buffer.
The format for reporting the issuer script results is as follows:

Number of
Field Mandatory/Optional Description
Characters

GS 1 M Group Separator

a 3 See Note 1: Smart card data identifier.

ʹCAMʹ ‐ data is for CAM.

GS 1 See Note 2: Group Separator

b Var See Note 3:, Host‐requested ICC data objects.


Note 4: and
Note 6: All available data objects whose tag is referenced in:
 field ʹf13ʹ of the ʹICC Terminal Acceptable AIDs Tableʹ entry
 whose ʹFull/Partial Primary AID Valueʹ matched the
currently selected ICC application AID
will be included in this field as individual BER‐TLV data objects.
See “ICC Terminal Acceptable Application IDs Table” on page 3‐14.

For example, with:


Cryptogram Information Data 0x9F27
Application Cryptogram 0x9F26
Issuer Application Data 0x9F10
Terminal Verification Results (TVR) 0x95
Transaction Status Indicator (TSI) 0x9B

Then this field would contain the following (values will vary):

ʹ9F 27 01 00 9F 26 08 12 34 56 78 90 12 34 56 9F 10 07 06 01 01 03 A0 00 00
95 05 00 00 04 00 00 9B 02 74 00ʹ

GS 1 See Note 5: Group Separator

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

2-14 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
SST to Host Messages
Issuer Script Results and Completion Data

Number of
Field Mandatory/Optional Description
Characters

c 1 M Result of issuer script processing.


See Note 5:
ʹ0ʹ ‐ script not performed.
ʹ1ʹ ‐ script processing failed.
ʹ2ʹ ‐ script processing successful

d 1 M Sequence number of script command.


See Note 2:
ʹ0ʹ ‐ All commands successful or script not performed.
ʹ1ʹ ‐ ʹEʹ ‐ Sequence number from 1 to 14 for failed command.
ʹFʹ ‐ Sequence number of 15 or over for command that failed.

The sequence number of a command corresponds directly to its


position within a script. For example, the first command will be
assigned the sequence number ʹ1ʹ, the third ʹ3ʹ, the seventh ʹ7ʹ and so
on.

e Var. M Script Identifier (tag 0x9F18).


(1 to 14) See Note 2:
Identifier (ID) of the script to which the result relates, in BER‐TLV
format.

The script identifier data object (tag 0x9F18) is optionally provided as


part of the script data. If not provided, a default value of
0x00000000 (length of 4) is used. This is sent as ʹ9F 18 04 00 00
00 00ʹ.

For example:
 If the script ID sent as part of the script is ‘9F180499999999’,
the script results will have a script identified field of
‘9F180499999999’
 If the script ID sent as part of the script is ‘9F1800’, the script
results will have a script identified field of ‘9F1800’
 If no script ID is sent as part of the script, the script results
will have a script identified field of ‘9F180400000000’.

Note 1: The first group separator and field ʹaʹ are omitted if the
application type for the data has already been sent in the message to
which it is being attached. For example, they would not be present
in an ʹICC Applicationʹ device status message, but would be present
in any other status message and the Transaction Request ʹLast
Transaction Status Informationʹ buffer (buffer id ʹ2ʹ).

Note 2: The second group separator is mandatory if field ʹbʹ, or


fields ʹcʹ to ʹeʹ inclusive, are present.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 2-15
SST to Host Messages
Issuer Script Results and Completion Data

Note 3: If a data object is identified, but not available, then the data
object will not be present. If no data objects are identified or none
are available, then field ʹbʹ is not present.

Note 4: There is no limit enforced on the size of this data.

Note 5: Fields ʹcʹ to ʹeʹ inclusive are repeated for the number of
scripts present in the ITR or Transaction Reply CAM data, and are
configured to record the processing status of each script. If no
scripts are present, the third group separator and fields ʹcʹ through
ʹeʹ inclusive are omitted. If four scripts were present, the third group
separator is present, and fields ʹcʹ through ʹeʹ inclusive are repeated
four times.

Note 6: The values in fields ʹbʹ and ʹeʹ are normally binary, but are
converted to ASCII hex for transmission. For example, the
single‐byte value 0x9A would be transmitted as the two‐byte value
ʹ9Aʹ. The table above shows the message format transmitted by the
SST.

Note 7: The Last Transaction Status Information buffer (buffer


IDʹ2ʹ) is only sent in a Transaction Request if the enhanced
configuration option ʹ15ʹ is set to ʹ001ʹ.

Note 8: Issuer script results and transmission status are maintained


over power failures.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

2-16 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Table of Contents
Host to SST Messages

Chapter 3
Host to SST Messages

Overview 3‐1

Customisation Data Commands 3‐2

EMV Configuration Message 3‐3


ICC Currency Data Objects Table 3‐5
Message Format 3‐5
ICC Transaction Data Objects Table 3‐7
Example Data 3‐9
ICC Language Support Table 3‐10
ICC Terminal Data Objects Table 3‐12
ICC Terminal Acceptable Application IDs Table 3‐14
List of Applications (AIDs) Method 3‐14
Payment System Environment (PSE) Method 3‐14
Simulated Track 2 Data 3‐22
Compatibility with Earlier Edge Versions and Other NDC
Variants 3‐23
Local setting of Track Data settings f18,f19,f20,f21 3‐23

Transaction Reply 3‐24


Field ‘bc’ ‐ Transaction Data Objects Update Buffer 3‐27

Interactive Transaction Response 3‐28

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Table of Contents
Host to SST Messages

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Host to SST Messages
C

Overview

Overview 3

This chapter provides information on the following topics:


 Customisation Data Commands
 EMV Configuration Message
— ICC Currency Data Objects Table
— ICC Transaction Data Objects Table
— ICC Language Support Table
— ICC Terminal Data Objects
— ICC Terminal Acceptable Application IDs Table
 Transaction Reply (smart card data buffer)
— Interactive Transaction Response.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 3-1
Host to SST Messages
Customisation Data Commands

Customisation Data Commands 3

The host can use various Customisation Data commands to


download different types of data to the SST. A full list of supported
commands is available in the APTRA NDC Business Services,
Reference Manual.
For EMV Configuration there are 5 additional commands with a
Message Class of ‘8’:
 ICC Currency Data Objects Table
 ICC Transaction Data Objects Table
 ICC Language Support Table
 ICC Terminal Data Objects Table
 ICC Terminal Acceptable AIDs Table
The following table shows the message class, sub‐class and
identifier for each command.

Message Message
Identifier Command
Class Sub-Class

8 1 ‐ EMV Configuration ‐
ICC Currency Data Objects Table

8 2 ‐ EMV Configuration ‐
ICC Transaction Data Objects Table

8 3 ‐ EMV Configuration ‐
ICC Language Support Table

8 4 ‐ EMV Configuration ‐
ICC Terminal Data Objects Table

8 5 ‐ EMV Configuration ‐
ICC Terminal Acceptable AIDs Table

The EMV Configuration message format is detailed in the following


section

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

3-2 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Host to SST Messages
EMV Configuration Message

EMV Configuration Message 3

To enable EMV ICC (Smart Card) configuration, a new message is


required for the host to SST communications. The format of this
message is as follows:

Number of
Field Mandatory/ Optional Description
Characters

a Var. M Header. Protocol dependent.

b 1 M Message Class. The value is fixed as ʹ8ʹ to indicate EMV configuration


data.

c 1 O Response Flag.
Included for future use and ignored by the SST.

FS 1 M Field Separator.

d 3 or 9 O Logical Unit Number (LUNO).

FS 1 M Field Separator.

e 1 M Message Sub‐Class.
ʹ1ʹ ‐ ʹICC Currency Data Objects Tableʹ data.
ʹ2ʹ ‐ ʹICC Transaction Data Objects Tableʹ data.
ʹ3ʹ ‐ ʹICC Language Support Tableʹ data.
ʹ4ʹ ‐ ʹICC Terminal Data Objects Tableʹ data.
ʹ5ʹ ‐ ʹICC Terminal Acceptable AIDs Tableʹ data.

These are defined in the following sub‐sections.

FS 1 M Field Separator.

f Var. M Configuration Data.

See the following sections in this chapter for each message sub‐class.

FS 1 See Note 1: Field Separator

g Var. See Note 1: Message Authentication Code (MAC) Data.

Eight digit ASCII hex value used to authenticate the message data.

h Var. M Trailer. Protocol dependent.

The ʹEMV Configuration Dataʹ message is expected at the SST only


when the SST is in out‐of‐service mode or supply/ supervisor mode.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 3-3
Host to SST Messages
EMV Configuration Message

If the host transmits an ʹEMV Configuration Dataʹ message and it


does not conform to the format above, or it is sent at a time when it
is not expected, the NDC CAM application will generate a solicited
error message. This error message will identify an NDC specific
command reject value appropriate to the failure reason, or simply a
ʹReady Aʹ if specific command reject processing is not activated.
If a command reject or specific command reject is generated then the
message content will be ignored.

Note 1: The field separator and MAC Data field are only included if
the flag settings are correct. For details, refer to the APTRA NDC
Business Services, Reference Manual.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

3-4 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Host to SST Messages
EMV Configuration Message

This table is obsolete in NDC Business Services where the BER‐TLV


ICC Currency Data Objects currency data objects for a transaction are configured during
Table 3
transaction processing based on the currency used by the selected
transaction.
Activate Only
For backward compatibility with other variants of NDC, any table
downloaded by the host is validated, but not stored, with a Ready 9
or Reject sent to the host in response.
Edge Only
For backward compatibility with other variants of NDC, any table
downloaded by the host is validated and stored but never used,
with a Ready 9 or Reject sent to the host in response.

Message Format 3

The following details are provided for situations where the host will
still be providing this download table, to ensure valid message
content.
If the host downloads ICC Currency Data Objects Table data and it
does not conform to the above format, the NDC CAM application
generates a solicited error message with a Specific Command Reject
(value ʹB91ʹ).

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 3-5
Host to SST Messages
EMV Configuration Message

Number of
Field Mandatory/ Optional Description
Characters

f1 2 M Number of Currency Type Mapping Entries.


See Note 2:
Two‐digit ASCII hex value in the range ʹ01ʹ to ʹFFʹ inclusive.

f2 2 See Note 1: Currency Type.

Two‐digit ASCII hex value in the range ʹ01ʹ to ʹFFʹ inclusive.

f3 Var. See Note 1: BER‐TLV Data Objects.


(000‐255)
Any BER‐TLV formatted data object may be placed in this field, but all
data objects must be held within a single Response Format 2 data
object (tag 0x77). The data is sent in ASCII hex.

This field contains the Transaction Currency Code (tag 0x5F2A) and
the Transaction Currency Exponent (tag 0x5F36) data objects.

For example:
ʹ77 09 5F 2A 02 08 26 5F 36 01 02ʹ

Where:
ʹ77ʹ ‐ ʹResponse Format 2ʹ data object tag
ʹ09ʹ ‐ ʹResponse Format 2ʹ data object length
ʹ5F 2Aʹ ‐ ʹTransaction Currency Codeʹ data object tag
ʹ02ʹ ‐ ʹTransaction Currency Codeʹ data object length
ʹ08 26ʹ ‐ ʹTransaction Currency Codeʹ data object value
ʹ5F 36ʹ ‐ ʹTransaction Currency Exponentʹ data object tag
ʹ01ʹ ‐ ʹTransaction Currency Exponentʹ data object length
ʹ02ʹ ‐ ʹTransaction Currency Exponentʹ data object value

Note 1: If field ʹf1ʹ is greater than ʹ01ʹ, the fields ʹf2ʹ and ʹf3ʹ are
repeated for the number of times indicated by field ʹf1ʹ.

Note 2: The data contained within fields ʹf1ʹ, ‘f2’ and ‘f3’ is normally
in binary. This field will be converted to ASCII hex for transmission.
Therefore the single‐byte value 0x9A would be transmitted as the
two‐byte value ʹ9Aʹ. The format description above shows the data
field sizes as sent by the host.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

3-6 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Host to SST Messages
EMV Configuration Message

Activate Only
ICC Transaction Data
This table is obsolete in APTRA Activate NDC Business Services
Objects Table 3

where the BER‐TLV transaction data objects are fixed for a


transaction and configured during transaction processing based on
the customer selected transaction.
The Transaction Type (tag 0x9C) is fixed in‐line with the ISO
8583:1987 Processing Code for each transaction.
The Transaction Category Code (tag 0x9F53) is set to ‘Z’
(transmitted as ‘5A’) for Debit Transactions only.
For backward compatibility with other variants of NDC, any table
downloaded by the host is validated, but not stored, with a Ready 9
or Reject sent to the host in response.
Edge Only
This table is used to provide the means by which transaction types
can be mapped to BER‐TLV data objects.
The following details are provided for situations where the host will
still be providing this download table, to ensure valid message
content.
The ‘”Transaction Type”(f2) values provided in the table are
mapped to transactions on the SST using
CAM2TransactionConfiguration in
NDCBSCAM2TerminalConfig.xml.
The data provided for each transaction is made available to the
system for EMV processing before EMV Pre‐Authorise processing
(the first GENAC command).

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 3-7
Host to SST Messages
EMV Configuration Message

The configuration data required for this table is provided via the
EMV Configuration Message (sub‐class of ʹ2ʹ). The data is held in
field ʹfʹ of the EMV Configuration Message as follows:

Number of Mandatory /
Field Description
Characters Optional

f ‐ ‐ ICC Transaction Data Objects Table data ‐ see sub‐fields:

f1 2 M Number of Transaction Type Mapping Entries.


See Note 3:
Two‐digit ASCII hex value in the range ʹ01ʹ to ʹFFʹ inclusive.

f2 2 See Note 1: Transaction Type.

Two‐digit ASCII hex value in the range ʹ01ʹ to ʹFFʹ inclusive.

f3 Var. See Note 1: BER‐TLV Data Objects.


(000‐255)
Any BER‐TLV formatted data object may be placed in this field, but all
data objects must be held within a single ʹResponse Format 2ʹ data
object (tag 0x77). The data is sent in ASCII hex.

Note: Only primitive BER‐TLV data objects of a type known to the SST
are stored for use in ICC processing.

This field contains the ʹTransaction Typeʹ (tag 0x9C) data object and
the MasterCard proprietary ʹTransaction Category Codeʹ (tag 0x9F53)
data object.

For example:
ʹ77 07 9C 01 01 9F53 01 5Aʹ

Where:
ʹ77ʹ = ʹResponse Format 2ʹ data object tag
ʹ07ʹ = ʹResponse Format 2ʹ data object length
ʹ9Cʹ = ʹTransaction Typeʹ data object tag
ʹ01ʹ = ʹTransaction Typeʹ data object length
ʹ01ʹ = ʹTransaction Typeʹ data object value
ʹ9F53ʹ = ʹTransaction Category Codeʹ data object tag
ʹ01ʹ = ʹTransaction Category Codeʹ data object length
‘5A’= ‘Transaction Category Code’ data object value

If the host downloads ICC Transaction Data Objects Table data and
it does not conform to the above format, the NDC CAM application
generates a solicited error message identifying a Specific Command
Reject (value ʹB92ʹ).

Note 1: If field ʹf1ʹ is greater than ʹ01ʹ, the fields ʹf2ʹ and ʹf3ʹ are
repeated for the number of times indicated by field ʹf1ʹ.

Note 2: If Specific Command Reject processing is not activated,


rejects will be reported as a standard ʹReady Aʹ reject.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

3-8 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Host to SST Messages
EMV Configuration Message

Note 3: The data contained within field ʹfʹ is normally in binary.


This field will be converted to ASCII hex for transmission. Therefore
the single‐byte value 0x9A would be transmitted as the two‐byte
value ʹ9Aʹ. The format description above shows the data field sizes
as it would be sent to the host.

Note 4: If a specific ‘Transaction Type’ is mapped to ‘BER‐TLV


Data Objects’ more than once within a message, then the latter
mapping will be used for processing.

Example Data 3

If there are two transaction types to be supported by the SST, the


downloaded ʹICC Transaction Data Objects Tableʹ data would be
similar to the following
'02 01 77 07 9C 01 01 9F 53 01 5A 02 77 07 9C 01 02 9F
53 01 5B'

Spaces are included for clarity, but do not appear in the actual
message to the SST.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 3-9
Host to SST Messages
EMV Configuration Message

This table is obsolete in NDC Business Services as the consumer


ICC Language Support flow processes customer on‐screen and audio language selection in
Table 3
a different manner, where support for ICC language preference is
provided.
The NDC Customiser should be configured to provide the Opcode
buffer values for each language used as required by the host.
Activate Only
For backward compatibility with other variants of NDC, any table
downloaded by the host is validated, but not stored, with a Ready 9
or Reject sent to the host in response.
Edge Only
For backward compatibility with other variants of NDC, any table
downloaded by the host is validated and stored but never used,
with a Ready 9 or Reject sent to the host in response.
The following details are provided for situations where the host will
still be providing this download table, to ensure valid message
content.
The configuration data required for this table is provided via the
EMV Configuration Message (sub‐class of ʹ3ʹ). The data is held in
field ʹfʹ of the EMV Configuration Message as follows:

Number of
Field Mandatory/ Optional Description
Characters

f ‐ ‐ ICC Language Support Table data ‐ see sub‐fields:

f1 2 M Number of Language Mapping Entries.

Two‐digit ASCII hex value in the range ʹ01ʹ to ʹFFʹ inclusive.

f2 2 See Note 1: Language Code.

ASCII character value in the range ʹaaʹ to ʹzzʹ inclusive (that is, lower
case alphabetic characters only, with no numerics).

The language code must be a value as defined in ISO 639:1998.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

3-10 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Host to SST Messages
EMV Configuration Message

Number of
Field Mandatory/ Optional Description
Characters

f3 3 See Note 1: Screen Base.

ASCII decimal value in the range ʹ000ʹ to ʹ999ʹ inclusive, where:


1 = 1000, 2 = 2000.....9 = 9000.

This value is used as the screen base, provided the ICC language
preference finds a match against the language code in field ʹf2ʹ.

Note: To enable larger screen groups, values 1 to 9 are now multiplied


by 1000. For example, to set the screen base to 1000, set this value to 1.

f4 3 See Note 1: Audio Base.

ASCII decimal value in the range ʹ000ʹ to ʹ007ʹ inclusive.

This value is used to set the digital audio directory base, provided the
ICC language preference finds a match against the language code in
field ʹf2ʹ.

f5 3 See Note 1: Opcode Buffer Positions.

Three different ASCII decimal values, each in the range ʹ0ʹ to ʹ7ʹ
inclusive. No duplicate values should be present (that is, ʹ001ʹ is not
acceptable).

If the ICC language preference finds a match against the language


code in field ʹf2ʹ, the three OpCode buffer positions indicated in this
field are set to the corresponding values indicated in field ʹf6ʹ.

f6 3 See Note 1: Opcode Buffer Values.

Three ASCII character values, each with a value in the range ʹAʹ to ʹDʹ
or ʹFʹ to ʹIʹ inclusive, or ʹ@ʹ.

If the ICC language preference finds a match against the language


code in field ʹf2ʹ, the three OpCode values indicated in this field are set
in the corresponding OpCode positions indicated in field ʹf5ʹ.

If the OpCode value is ʹ@ʹ, no change is made to the corresponding


OpCode positions.

If the host downloads ICC Language Support Table data and it does
not conform to the above format, the NDC CAM application will
generate a solicited error message identifying a Specific Command
Reject (value ʹB93ʹ) and the downloaded data is ignored.

Note 1: If field ʹf1ʹ is greater than ʹ01ʹ, the fields ʹf2ʹ through ʹf6ʹ
inclusive are repeated for the number of times indicated by field ʹf1ʹ.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 3-11
Host to SST Messages
EMV Configuration Message

This table is used to provide a method by which terminal‐specific


ICC Terminal Data Objects data objects are defined by the host for use with ICC processing.
Table 3

NDC Business Services will only make the following BER‐TLV


tagged objects provided in this message available for processing:
 Acquirer Identifier ‐ 0x9F01,
 Merchant Category Code ‐ 0x9F15,
 Merchant Identifier ‐ 0x9F16,
 Terminal Country Code ‐ 0x9F1A,
 Terminal Floor Limit ‐ 0x9F1B,
 Terminal Identification ‐ 0x9F1C,
 Interface Device Serial Number ‐ 0x9F1E,
 Terminal Capabilities ‐ 0x9F33,
 Terminal Type ‐ 0x9F35,
 Additional Terminal Capabilities ‐ 0x9F40
Activate Only
Merchant Name and Location ‐ 0x9F4E.
These terminal specific data elements are also configurable locally
on the Card Service EMVTerminalConfig class, where the value of
any object downloaded by the host will supersede that held in the
local configuration

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

3-12 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Host to SST Messages
EMV Configuration Message

The configuration data required for this table is provided via the
EMV Configuration Message (sub‐class of ʹ4ʹ). The data is held in
field ʹfʹ of the EMV Configuration Message as follows:

Number of
Field Mandatory/ Optional Description
Characters

f ‐ ‐ ICC Terminal Data Objects data ‐ see sub‐fields:

f1 Var. M BER‐TLV Data Objects.


(0‐255)
Any BER‐TLV formatted data object may be placed in this field, but all
data objects must be held within a single ʹResponse Format 2ʹ data
object (tag 0x77). The data is sent in ASCII hex.

Note: Only the data objects listed above this table are made available
for use in ICC processing.

This field contains the ʹTerminal Country Codeʹ (tag 0x9F1A) and
ʹTerminal Typeʹ (tag 0x9F35) data objects.

For example:

ʹ77 09 9F 1A 02 08 26 9F 35 01 14ʹ

Where
 ʹ77ʹ ‐ ʹResponse Format 2ʹ data object tag
 ʹ09ʹ ‐ ʹResponse Format 2ʹ data object length
 ʹ9F 1Aʹ ‐ ʹTerminal Country Codeʹ data object tag
 ʹ02ʹ ‐ ʹTerminal Country Codeʹ data object length
 ʹ08 26ʹ ‐ ʹTerminal Country Codeʹ data object value
 ʹ9F 35ʹ ‐ ʹTerminal Typeʹ data object tag
 ʹ01ʹ ‐ ʹTerminal Typeʹ data object length
 ʹ14ʹ ‐ ʹTerminal Typeʹ data object value

If the host downloads ICC Terminal Data Objects data and it does
not conform to the above format, the NDC CAM application
generates a solicited error message with a Specific Command Reject
(value ʹB94ʹ) and the downloaded data is ignored.

Note: The data contained within field ʹfʹ is normally in binary. This
field is converted to ASCII hex for transmission; for example, the
single‐byte value 0x9A is transmitted as the two‐byte value ʹ9Aʹ. The
format description in the previous table shows the data field sizes as
they are sent to the host.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 3-13
Host to SST Messages
EMV Configuration Message

The ICC Terminal Acceptable AIDs Table is made up of entries


ICC Terminal Acceptable which each define an acceptable AID (as a full or partial AID value)
Application IDs Table 3
and a list of associated AIDs. These AIDs represent the applications
supported by the SST.
NDC Business Services supports both the PSE and list of application
methods of candidate list build.

List of Applications (AIDs) Method 3

This requires the Card Service SelectPSE property to be set to


false, where the default for this value is false.

Shortly after inserting an ICC into the card reader, each of the
previously downloaded table entries is processed in turn.
An attempt is made to select the first table entry’s Primary AID on
the ICC.
If the Primary AID exists on the card, this is added to the Candidate
List and processing continues with attempts to select each of the
Secondary AIDs for this table entry in turn. If a Secondary AID is
found to be present then this is also added to the Candidate List.
Once complete with the first table entry, the process repeats for each
of the following table entries.
On completing all table entries there is now a Candidate List of
EMV applications, from which the application to be used for EMV
transaction processing can be selected.
No table entries are discarded during processing of the table entries.
An attempt will always be made to select each of the Primary AIDs
for every table entry.

Payment System Environment (PSE) Method 3

This requires the Card Service SelectPSE property to be set to


true.

The SST reads records from the Payment System Directory on the
chip and attempts to match any applications found on the chip with
those supported by the SST. Matching applications are added to the
Candidate List.
Where the SST encounters a problem using the PSE method, or
simply finds no matching applications, it will revert to using the List
of Applications Method.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

3-14 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Host to SST Messages
EMV Configuration Message

The configuration data required for this table is provided via the
EMV Configuration Message (sub‐class of ʹ5ʹ). Each table entry is
held in field ʹfʹ of the EMV Configuration Message as follows:

Number of
Field Mandatory/ Optional Description
Characters

f ‐ ‐ ICC Terminal Acceptable AIDs Table data ‐ see sub‐fields:

f1 2 M Entry Number.

Two‐digit ASCII hex value in the range ʹ00ʹ to ʹFFʹ inclusive.

f2 2 See Note 1: Length of Full / Partial Primary AID Value.

ASCII hex value for the length of the AID.

The length of the AID must be in the range ʹ01Hʹ to ʹ10Hʹ inclusive (1 to
16 decimal inclusive).

Note: This length is also the number of ICC AID bytes that will be
checked when compared to the Full / Partial Primary AID value (field
ʹf3ʹ).

f3 Var. See Note 1: Full/Partial Primary AID Value.


(1‐32)
Binary value stored as ASCII hex.

For example, an AID of 0xA000000026 is stored as the characterised


value ʹA000000026ʹ and has length ʹ05ʹ (field ʹf2ʹ).

f4 2 See Note 1: and Length of Default Application Label.


Note 5:
ASCII hex value for the length of the default Application Label data
object (tag 0x50).

The length must be in the range ʹ00ʹ to ʹ10ʹ inclusive (0 to 16 decimal


inclusive). The value corresponds to the content of field ʹf5ʹ.

f5 Var. See Note 1: and Default Application Label.


(1‐16) Note 5:
Default value to be used for the Application Label data object (tag
0x50).

The value is a text string of characters in the range 0x20 to 0x7E


inclusive.

The default Application Label is ʹSelf Serviceʹ, transmitted with length


ʹ0Cʹ (field ʹf4ʹ).

f6 3 See Note 1: Primary AID ICC Application Type.

ʹCAMʹ = CAM ICC application

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 3-15
Host to SST Messages
EMV Configuration Message

Number of
Field Mandatory/ Optional Description
Characters

f7 4 See Note 1: Primary AID Lowest Application Version Number.

A binary value stored as ASCII hex.

f8 4 See Note 1: Primary AID Highest Application Version Number.

A binary value stored as ASCII hex.

f9 10 See Note 1: Primary AID Terminal Action Code ‐ Denial.

Binary value stored as ASCII hex.

f10 2 See Note 1: and Number of Data Object(s) for Transaction Request.
Note 2:
ASCII hex value in range ʹ00ʹ through ʹFFʹ inclusive.

f11 Var. See Note 1: and Data Object(s) for Transaction Request.
Note 2: ASCII hex value.

This contains the list of BER‐TLV formatted tags to be sent in the


Transaction Request (see “Transaction Request Message Format” on
page 2‐4).

Note: No length is required for each tag value, as BER‐TLV formatted


tag values define their own length within the tag value itself.
However, in line with implementation restrictions, a tag will not be
acceptable if it is more than two bytes (four ASCII hex characters)
long.

Note: To include the PIN retry count in the transaction request,


include the tag 0x9F17 in this object list.

f12 2 See Note 1: and Number of Data Object(s) for Completion Data.
Note 2:
ASCII hex value in range ʹ00ʹ through ʹFFʹ inclusive.

f13 Var. See Note 1: and Data Object(s) for Completion Data.
Note 2:
ASCII hex value.

Contains a list of BER‐TLV formatted tags that are to be sent on the


next solicited status message (except command rejects or specific
command rejects), in response to a valid Transaction Reply containing
valid CAM data. See “Issuer Script Results and Completion Data” on
page 2‐13.

Note: No length is required for each tag value as BER‐TLV formatted


tag values define their own length within the tag value itself.
However, in line with implementation restrictions a tag will not be
acceptable if it is more than two bytes (four ASCII hex characters)
long.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

3-16 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Host to SST Messages
EMV Configuration Message

Number of
Field Mandatory/ Optional Description
Characters

f14 2 See Note 1: and Number of Secondary AIDs.


Note 3:
ASCII hex value in range ʹ00ʹ through ʹFFʹ inclusive.

f15 2 See Note 1: and Length of Full/Partial Secondary AID Value.


Note 3: ASCII hex value for the length of the AID.

The length of the AID must be in the range ʹ01ʹ to ʹ10ʹ inclusive (1 to 16
decimal inclusive).

f16 Var. See Note 1: and Full/Partial Secondary AID Value.


(1‐32) Note 3:
Binary value stored as ASCII hex. For example, an AID of
0xA000000026 is stored as the characterised value ʹA000000026ʹ, and
has a length of ʹ05ʹ (field ʹf15ʹ).

f17 2 O Application Selection Indicator

(M if any 00 (Default) During the candidate list build processing, any


following fields application which is a partial match will be added to the
are present) candidate list.

Note: A partial match occurs when the AID used in the


SELECT command is shorter than the DF Name and exactly
matches for all the characters present. The DF name is
returned in the response to a SELECT command and can be
the same length or longer than the AID used in the SELECT
command.
For example, if a card contains these applications:
A0000000001231
A0000000001232
A0000000004321
An AID of A00000000012, will select two applications, if the
card itself supports partial AID selection. An AID of
A000000000, will select all three.

01 During the candidate list build processing, any application


which is a full match to the candidate list is added.

Note: A full match occurs when the DF Name (tag 0x84)


returned by the ICC in response to a SELECT command
exactly matches the AID used in the SELECT command, that is
both are identical in length and contain the same characters.

f18 2 O Track 2 Data for the Host

(M if any 00 (Default) Use the card’s magnetic stripe data in the track 2
following fields buffer field of the transaction request.
are present)

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 3-17
Host to SST Messages
EMV Configuration Message

Number of
Field Mandatory/ Optional Description
Characters

01 Use the card’s magnetic stripe data in the track 2 buffer field of
the transaction request, unless there is no track 2 data
available, in which case use the ICC track 2 data defined in
field f19.

02 Always place the ICC track 2 data defined in field f19 in the
track 2 buffer field.

f19 2 O Track 2 Data To Be Used During ICC Transaction

(M if any 00 (Default) Use the Track 2 Equivalent Data (tag 0x57) for all
following fields NDC processing, but if it is not supplied by the ICC, produce
are present) an ICC level fake error and terminate the ICC processing.

01 Use the Track 2 Equivalent Data (tag 0x57) for all NDC
processing, but if it is not supplied by the ICC, use the track 2
data from the magnetic card.

02 Always use the track 2 data from the magnetic card.

03 Use the Track 2 Equivalent Data (tag 0x57) for all NDC
processing, but if it is not supplied by the ICC, construct
simulated Track 2 data. For details of track 2 data simulation,
see “Simulated Track 2 Data” on page 3‐22.

04 Always construct simulated track 2 data. For details, see


“Simulated Track 2 Data” on page 3‐22.

f20 2 O (Mandatory Length of Additional Track 2 Data in the following field (f21).
if f19 is set to 03
or 04. Range 01 to 21 (ASCII Hexadecimal).
Should be
omitted for f19 For example, “21” hexadecimal means 33 characters to follow.
set to 00, 01, 02)
For details of track 2 data simulation, see “Simulated Track 2 Data” on
page 3‐22.

f21 0 ‐ 33 O (M if f20 is Additional Track 2 Data


present and a
non‐zero value) The additional track 2 data to be used in the construction of the
simulated track 2 data.

Each byte of data to be used must be represented by 2 ASCII


hexadecimal characters in the range ‘30’ to ‘39’.

For example, ʺ1ʺ would be transmitted as ʺ31ʺ.

For details of track 2 data simulation, see “Simulated Track 2 Data” on


page 3‐22.

If the host downloads ICC Terminal Acceptable AIDs Table data


and it does not conform to the above format, the NDC CAM

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

3-18 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Host to SST Messages
EMV Configuration Message

application generates a solicited error message identifying a Specific


Command Reject with value ʹWxxʹ (where ʹxxʹ is the entry number
identified by field ʹf1ʹ) and the downloaded data is ignored.

Note 1: Fields ʹf1ʹ through ʹf21ʹ inclusive may be repeated as many


times as will fit within a single message within field ʹfʹ, with a
maximum total length of 256. Each iteration must be separated by a
Group Separator (GS) character.

Note 2: Fields ʹf11ʹ and ʹf13ʹ are repeated as appropriate to the


values in field ʹf10ʹ and ʹf12ʹ respectively. If field ʹf12ʹ is zero then
field ʹf13ʹ is omitted.

Note 3: Fields ʹf15ʹ and ʹf16ʹ are repeated as appropriate to the value
in field ʹf14ʹ. If field ʹf14ʹ is zero then fields ʹf15ʹ & ʹf16ʹ are omitted.

Note 4: If Specific Command Reject processing is not activated,


rejects will be reported as standard ʹReady Aʹ rejects.

Note 5: If field ʹf4ʹ is zero, field ʹf5ʹ is omitted.

Note 6: ICCs do not have to support selection of ICC applications


by partial AID / ʹDF Nameʹ value. It is advisable to use full AID
values in field ʹf3ʹ.

Note 7: If field ʹf1ʹ is sent without fields ʹf2ʹ through ʹf21ʹ, the entry
to which field ʹf1ʹ refers is deleted from the table.

Note 8: If data for a specific Entry Number is supplied more than


once within the message, the later mapping is used for processing.
For example:

00 07 A0000000080001 00 CAM 0000 0001 0070000000

0A 9F06575A5F349F279F269F10829F368C
05 9F279F269F10959B
01 06 A00000000201

<GS>01 07 A0000000080002 00 CAM 0000 0001 0070000000

0A 9F06575A5F349F279F269F10829F368C
05 9F279F269F10959B
00

<GS>02 07 A0000000070001 00 CAM 0000 0001 0070000000

0A 9F06575A5F349F279F269F10829F368C
05 9F279F269F10959B
02 07 A0000000031010
07 A0000000041010

<GS>03 07 A0000000031010 04 Visa CAM 0000 0001 0010000000

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 3-19
Host to SST Messages
EMV Configuration Message

0A 9F06575A5F349F279F269F10829F368C
05 9F279F269F10959B
02 07 A0000000032010
07 A0000000033010

<GS>04 07 A0000000032010 00 CAM 0000 0001 0010000000

0A 9F06575A5F349F279F269F10829F368C
05 9F279F269F10959B
00

<GS>05 07 A0000000033010 00 CAM 0000 0001 0010000000

0A 9F06575A5F349F279F269F10829F368C
05 9F279F269F10959B
00

<GS>06 07 A0000000041010 00 CAM 0000 0001 0010000000

0A 9F06575A5F349F279F269F10829F368C
05 9F279F269F10959B
02 07 A0000000046000
07 A0000000043060

<GS>07 07 A0000000046000 07 MasterCard CAM 0000 0001


5810F80000

0A 9F06575A5F349F279F269F10829F368C
05 9F279F269F10959B
00

<GS>08 07 A0000000043060 00 CAM 0000 0001 5810F80000

0A 9F06575A5F349F279F269F10829F368C
05 9F279F269F10959B
00

<GS>09 07 A0000000041030 00 CAM 0000 0001 5810F80000

0A 9F06575A5F349F279F269F10829F368C
05 9F279F269F10959B
00

<GS>0A 06 A00000000201 00 CAM 0000 0001 5810F80000

0A 9F06575A5F349F279F269F10829F368C
05 9F279F269F10959B
00

Where:
<GS> is a group separator.
Spaces and new lines are included for clarity, but do not appear in
the actual message to the SST.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

3-20 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Host to SST Messages
EMV Configuration Message

This example has eleven CAM ICC application Primary AIDs, all
with a version number in the range 0x0000 to 0x0001 inclusive.
All entries identify that the following are to be included in the
transaction request:
 Application Identifier (AID) (tag 0x9F06)
 Track 2 Equivalent Data (tag 0x57)
 Application PAN (tag 0x5A)
 Application PAN Sequence Number (tag 0x5F34)
 Cryptogram Information Data (tag 0x9F27)
 Application Cryptogram (tag 0x9F26)
 Issuer Application Data (tag 0x9F10)
 Application Interchange Profile (AIP) (tag 0x82)
 Application Transaction Counter (ATC) (tag 0x9F36) and
 CDOL1 (tag 0x8C) data objects.
All entries identify that the following are to be included as
Completion Data in the first solicited status message that concludes
ICC processing for a transaction:
 Cryptogram Information Data (tag 0x9F27)
 Application Cryptogram (tag 0x9F26)
 Issuer Application Data (tag 0x9F10)
 Terminal Verification Results (TVR) (tag 0x95) and
 Transaction Status Indicator (TSI) (tag 0x9B) data objects.
Entries ʹ00ʹ, ʹ02ʹ, ʹ03ʹ and ʹ06ʹ have secondary AID values.
Entries ʹ03ʹ and ʹ07ʹ have Default Application Label values.
Entries ʹ00ʹ, ʹ01ʹ and ʹ02ʹ have a ʹPrimary AID Terminal Action Code ‐
Denialʹ value indicating that a transaction should be declined offline
by the SST when:
 Requested service is not allowed
 ICC application has expired
 ICC application is not yet effective.
Entries ʹ03ʹ, ʹ04ʹ, ʹ05ʹ and ʹ06ʹ have a ʹPrimary AID Terminal Action
Code ‐ Denialʹ value indicating that a transaction should be declined
offline by the SST only when the requested service is not allowed.
Entries ʹ07ʹ, ʹ08ʹ, ʹ09ʹ and ʹ0Aʹ have a ʹPrimary AID Terminal Action
Code ‐ Denialʹ value indicating that a transaction should be declined
offline by the SST when:
 Offline static data authentication failed (not performed by SST).
 Card is on the SST exception file (not performed by SST).
 Requested service is not allowed.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 3-21
Host to SST Messages
EMV Configuration Message

 Cardholder verification failed.


 Unrecognised CVM.
 PIN try limit exceeded.
 PIN entry required, PIN pad not present and working.
 PIN entry required, PIN pad present, PIN entered.

Simulated Track 2 Data 3

If simulated track 2 data is selected, the SST will construct this data
from the following ICC data objects:
 Primary Account Number (0x5A),
 Application Expiry Date (0x5F24) and
 additional track 2 data downloaded in field f21 of the “ICC
Terminal Acceptable Application IDs Table”.
The simulated track two data is constructed as follows:

Primary
Application Additional
Start Account Field End
Expiry Date Track 2
Sentinel Number Separator Sentinel
(YYMM) Data
(PAN)

‘;’ From ‘=’ From From ‘?’


ICC ICC AID
object object table f21
0x5A 0x5F24 (if
present)

If the simulated track 2 buffer would result in a length greater than


40 (inclusive of the Field Separators and Sentinels), then the leftmost
39 bytes of data are used, followed by the End Sentinel.
Example If the terminal acceptable AID table download for the 3

selected application has the following values for f18 onwards:


....01030732323331373031
and the ICC application has returned the following objects:
5A 08 4916245531413011

and
5F24 03 050301
then the simulated Track 2 data used by NDC for the transaction
would be:
;4916245531413011=05032231701?

As f18 is set to 01 in this example, this would only be sent to the host
if there was no track 2 data read successfully from the card, when
the data would be placed into the track 2 buffer of the Transaction
Request message.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

3-22 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Host to SST Messages
EMV Configuration Message

Compatibility with Earlier Edge Versions and Other NDC


Variants 3

As the new “ICC Terminal Acceptable Application IDs Table” fields


f17 to f21 are optional, and all the default settings support previous
releases of EMV CAM2 in all NDC variants, there are no
compatibility issues with existing host systems.
However, if the constructed track 2 buffer is enabled by a host,
additional Financial Institution Tables (FITs) may be required to
match against the simulated track 2 data derived from the selected
ICC application.
Depending on the Track 2 Data for the Host (f18) field setting, the
simulated track 2 data may not be sent to the host system. However,
the host can derive this track 2 data if it requests the inclusion of the
Primary Account Number (ICC object 0x5A) and Application
Expiry Date (0x5F24) in the CAM buffer of the Transaction Request
message. Using these objects and the additional track 2 information
(already supplied to the SST by the host system), the host can
reconstruct the simulated track 2 buffer.

Local setting of Track Data settings f18,f19,f20,f21 3

When fields f18 to f21 are not supported by the host, they cannot be
configured locally.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 3-23
Host to SST Messages
Transaction Reply

Transaction Reply 3

The Transaction Reply message remains unaltered, apart from the


addition of ‘at1’ and ‘at2’ fields immediately following field ʹx’, or
the addition of the ‘bc’ field immediately following field ʹbb ʹ. These
fields are identified below.

Note: Fields ʹat2bʹ, ʹat2cʹ, ʹat2dʹ, ‘bc2b’, ‘bc2d’, ‘bc2g’ are normally
binary values. These values are converted to ASCII hex for
transmission; for example, the single‐byte value 0x9A would be
transmitted as the two‐byte value ʹ9Aʹ. The table below shows the
data format as sent from the host.

Number of
Field Mandatory/ Optional Description
Characters

FS 1 See Note 1: Field Separator.

at1 1 See Note 1: Buffer Identifier. The value is fixed as ʹ5ʹ to indicate smart card data.

at2 ‐ ‐ Smart Card Data ‐ see sub‐fields:

at2a 3 See Note 1: Smart Card Data Identifier.


ʹCAMʹ ‐ Data in buffer is for CAM.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

3-24 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Host to SST Messages
Transaction Reply

Number of
Field Mandatory/ Optional Description
Characters

at2b See Note 2: Issuer Authentication Data (up to 36 bytes) in BER‐TLV format, as
follows:
M
2 ʹ91ʹ for tag 0x91
M
2 Length, in hex, of the following Issuer Authentication Data. The length
value must be in the range 0x08 (ʹ08ʹ) to 0x10 (ʹ10ʹ) inclusive.
M
up to 16 Authorisation Response Cryptogram (ARPC) and any scheme
specific/proprietary Issuer Authentication Data.

at2c See Note 3: Authorisation Response Code (8 bytes) in BER‐TLV format, as follows:

2 M ʹ8Aʹ for tag 0x8A

2 M Length, in hex, of the Authorisation Response Code (ʹ02ʹ)

4 M Authorisation Response Code value.

at2d Var. See Note 5: and Issuer Script(s).


See Note Note 6:
4:, Note 7: Each script is in a BER‐TLV formatted data object with a tag of 0x71 or
and Note 0x72.
8:
Each script data object may optionally contain a script ID data object
(tag 0x9F18), but the value must not be more than four bytes.

Script commands will be held within script data objects and will be
identified with the tag value of 0x86.

Example Script Data:


ʹ72 17 9F 18 04 12 34 56 78 86 0E 04 DA 9F 58 09 05
01 23 45 67 89 AB CD EFʹ

Where:
72 = Issuer Script Tag
17 = Length of Data
9F 18 = Script ID Tag
04 = Length of Script ID
12 34 56 78 = Script ID
86 = Issuer Script Command Template Tag
0E = Issuer Script Command Template Tag length
04 DA 9F 58 09 05 01 23 45 67 89 AB CD EF = Issuer Script Command
(PUT DATA)

Note 1: The field separator, buffer identifier and smart card data
identifier may only be omitted from the Transaction Reply or
Interactive Transaction Reply if CAM data is not expected.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 3-25
Host to SST Messages
Transaction Reply

Note 2: If the Issuer Authentication Data (ARPC) is not available,


for example because the Issuer connection is unavailable or the
Issuer does not respond with CAM data, this field may be omitted
to avoid subsequent rejection of the host response. If this field is not
omitted, the field separator, buffer identifier and smart card data
identifier must also be present.

Note 3: If the Authorisation Response Code is not available, for


example because the Issuer connection is unavailable or the Issuer
does not respond with CAM data, this field may be omitted to avoid
subsequent rejection of the host response; otherwise it must be
present. If this field is not omitted, the field separator, buffer
identifier and smart card data identifier must also be present.
If the Authorisation Response Code is received from the host and
has a value of ‘30 30’, the SST requests a Transaction Certification
(Approval) from the card.
Edge Only
If the Authorisation Response Code is not present or is not set to ‘30
30’, an Application Authorisation Cryptogram (Decline) is
requested from the card.
Activate Only
If the Authorisation Response Code is not set to ‘30 30’, an
Application Authorisation Cryptogram (Decline) is requested from
the card, except for Debit Transactions, where a Transaction
Certification(Approval) will always be requested from the card.
If the Authorisation Response Code is not present then it is faked as
’30 30’ and a Transaction Certification (Approval) is requested from
the card.

Note 4: By default the card service does not place any limit on the
length of the EMV issuer scripts that are processed from the host
and no reject is sent relating to script length. If a limit is required
then this is set using the Card Service IssuerScriptLimit property
which is used by the EMV token during processing of the scripts.

Note 5: Issuer script(s) are optional and may be omitted. If this field
is not omitted, the field separator, buffer identifier and smart card
data identifier must also be present. For further details on Issuer
Scripts, see “Issuer Script Results and Completion Data” on
page 2‐13.

Note 6: No validation of the issuer script data is performed by NDC


Business Services. The data is passed to the EMV Kernel for
processing. For details of the EMV Kernel, refer to the .NET EMV
Card Services On‐line Documentation.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

3-26 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Host to SST Messages
Transaction Reply

Note 7: A limit on the length of issuer scripts can be required by


any of the following:

 A known protocol capability limit to transport issuer scripts


 Domestic requirements
 Specific implementation limitation.
When you implement an EMV solution any requirement for a limit
must be verified and must be in line with the EMCo Level 2
Configuration of the EMV Kernel being used. The pages attached to
the Letter of Approval or the ICS Implementation Conformance
Statement of the EMV Kernel will detail if a limit is present and
which value is supported.

Note 8: A limit on the length of issuer scripts could be required for


testing purposes only. As mentioned in Note 4: on page 3‐26, the
limit can be set using the Card Service IssuerScriptLimit
property. Ensure that this setting is removed after validation is
complete.

This field is not supported for NDC Business Services.


Field ‘bc’ ‐ Transaction
Data Objects Update
Buffer 3

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 3-27
Host to SST Messages
Interactive Transaction Response

Interactive Transaction Response 3

The Interactive Transaction Response remains unaltered, with the


exception that the fields previously described in “Transaction
Reply” on page 3‐24 follow field ʹjʹ.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

3-28 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Table of Contents
State Tables

Chapter 4
State Tables

State Tables 4‐1

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Table of Contents
State Tables

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
State Tables
D

State Tables

State Tables 4

NDC Business Services will accept state tables downloaded by the


host, but the configuration data provided by the state tables is not
used by the application.
Alternative configuration for the solution environment is provided
through NDC Business Services, the Card Service and the
Customiser configuration files.
The NDC Customiser is responsible for the decision on whether to
add the CAM data fields to request messages (primarily to support
the duplication of CAM data for subsequent request messages
during the same card session).
Activate Only
The EMV configuration options for the Card Service are
documented in the APTRA Activate NDC Business Services On‐line
Documentation, “Card Service Configuration”.
Edge Only
Of particular relevance for EMV processing are the EMV
configuration options for the Card Service provided by the
NDCCAM2TerminalConfiguration.xml file documented in the NDC
Business Services On‐line Documentation. The “Configuration for
EMV” topic provides additional translet configuration required for
EMV support in NDC Business Services.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 4-1
State Tables
State Tables

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

4-2 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Table of Contents
ICC Processing

Chapter 5
ICC Processing

Overview 5‐1

Issuer Script Processing 5‐2

Data Object List (DOL) Processing 5‐3

BER‐TLV Data Object Processing 5‐4


BER‐TLV Data Object Padding 5‐4
Terminal Specified BER‐TLV Data Objects 5‐4

Transaction Data Object List (TDOL) Processing 5‐12

Printing EMV Data Values 5‐13

MAC Configuration 5‐14

Terminal Verification Results (TVR) Processing 5‐16

Transaction Status Information (TSI) Processing 5‐20

PIN Encryption and Verification 5‐22

ICC Application Name Display 5‐23

Voice Guidance 5‐24

Dynamic Currency Conversion 5‐25

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Table of Contents
ICC Processing

Error Handling 5‐26


Fake ICC Application Errors 5‐27

ICC Application Journal Error Message ‐ Activate Only 5‐28

ICC Processing Termination 5‐30

Authorisation Response Codes 5‐31

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
ICC Processing
E

Overview

Overview 5

This chapter provides an overview of the following ICC processing


functions:
 Issuer Script Processing
 Data Object List (DOL) Processing
 Basic Encoding Rules ‐ Tag Length Value (BER‐TLV) Data
Object Processing
— BER‐TLV Data Object Padding
— Terminal Specified BER‐TLV Data Objects
 Transaction Data Object List (TDOL) Processing
 Printing EMV Data Values
 MAC Configuration
 Terminal Verification Results (TVR) Processing
 Transaction Status Information (TSI) Processing
 PIN Encryption and Verification
 ICC Application Name Display
 Voice Guidance
 Dynamic Currency Conversion
 Error Handling
 ICC Application Journal Error Message
 ICC Processing Termination
 Authorization Response Codes
NDC Business Services assumes that Application ID (AID)
processing has been performed, as summarised in Chapter 3, “ICC
Terminal Acceptable Application IDs Table”.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 5-1
ICC Processing
Issuer Script Processing

Issuer Script Processing 5

There are two types of issuer scripts which may be sent in the
response from the host, both of which are distinguished by their
tags. If the issuer script has a tag of 0x71, the issuer script is to be
submitted to the ICC immediately before the second GENERATE AC
command. If the issuer script has a tag of 0x72, the issuer script is to
be submitted to the ICC after the second GENERATE AC command.
If the issuer script processing is being performed before the second
GENERATE AC command, all the scripts beginning with tag 0x71
are executed sequentially as they are found in the the host response.
Similarly, each command within each script is also executed
sequentially as found.
If the issuer script processing is being performed after the second
GENERATE AC command, all the scripts beginning with tag 0x72
are executed sequentially as they are found in the the host response.
Similarly, each command within each script is also executed
sequentially as found.
Script processing results are sent to the host on the first available
solicited status message to be transmitted, following receipt of the
transaction reply currently being processed.
In an NDC Business Services solution, invalidly formatted issuer
script data is not rejected during transaction reply validation, prior
to issuer script processing. Instead, an attempt to process each script
is made until the script is complete, an ICC level error occurs, or a
formatting error is discovered. The results of issuer script
processing are passed to the host within the next solicited status
message. For details of issuer script process, see “Issuer Script
Results and Completion Data” on page 2‐13.

Confidential and proprietary information of NCR.


Unauthorized use, reproduction and/or distribution is strictly prohibited.

5-2 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
ICC Processing
Data Object List (DOL) Processing

Data Object List (DOL) Processing 5

All Data Object List (DOL) objects are processed in accordance with
the rules defined by the EMV standards. For the purpose of
processing objects identified by a DOL, the object type is also as
defined in the EMV standard.
In addition, the MasterCard proprietary Transaction Category Code
data object (tag 0x9F53) is defined as having the type
‘alphanumeric’ (ASCII encoded).

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 5-3
ICC Processing
BER-TLV Data Object Processing

BER‐TLV Data Object Processing 5

All object data is checked to ensure that it is in Basic Encoding Rules


‐ Tag Length Value (BER‐TLV) format as defined by the EMV
standard.
Additionally, the object tag must not be more than two bytes long.
The EMV Kernel is responsible for the validation of ICC application
responses to commands. If an error occurs, the error details are
made available by the EMV Kernel and may be reported to the host
‐ see “Error Handling” on page 5‐26.

ISO 7816‐4 indicates that one or more padding bytes, of the value
BER‐TLV Data Object 0xFF or 0x00, may precede or trail BER‐TLV formatted data objects.
Padding 5
This padding is to allow for data deletion and modification on the
ICC.
ISO 7816‐4 also indicates that BER‐TLV data objects cannot have a
tag starting with 0x00 or 0xFF.
Although padding is supported for BER‐TLV data obtained from
the ICC, all messages to the SST from the host must not include
padding in BER‐TLV formatted message fields. If padding is
included in a message, an appropriate reject response will be sent to
the host.
The messages from the SST to the host do not include any padding
in BER‐TLV formatted fields.

The following table defines the subset of Terminal Specified


Terminal Specified BER‐TLV Data Objects supported by NDC Business Services in
BER‐TLV Data Objects 5
alphabetical order. The table shows the method(s) by which these
objects may be configured:
 Automatic ‐ automatically configured during processing
 Local config ‐ locally configured in configuration files

Confidential and proprietary information of NCR.


Unauthorized use, reproduction and/or distribution is strictly prohibited.

5-4 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
ICC Processing
BER-TLV Data Object Processing

 Host download ‐ downloaded from the host (ICC Terminal Data


Objects or ICC Terminal Acceptable Application IDs Table
message).

No. of Configuration
Element Name Description Tag Value
bytes Options

Account Type Indicates the type of account 0x5F57 1 Value local config
selected on the SST. representing the
account type in 2
0x00 ‐ Default / unspecified Binary Coded
Decimal (BCD)
0x10 ‐ Savings digits.

0x20 ‐ Cheque

0x30 ‐ Credit

Acquirer Uniquely identifies the acquirer 0x9F01 6 Value


Identifier within each payment system. representing the local config,
acquirer in 6‐11 host download
BCD digits.

AID Application ID as selected by 0x9F06 5 ‐ 16 AID of application host download


the SST. selected in Binary
Coded Decimal
(BCD).

Amount Authorised amount for the 0x9F02 6 Value of automatic


Authorised transaction (excluding transaction in
(Numeric) adjustments). minor currency
units, formatted in
BCD.

Amount Authorised amount for the 0x81 4 Value of automatic


Authorised transaction (excluding transaction in
(Binary) adjustments). minor currency (provided by the
units, as a binary EMV Kernel
value. based on 0x9F02)

Amount Other Secondary amount associated 0x9F03 6 Populated only automatic


than with the transaction for host
(Numeric) representing a cash‐back communication
amount. (i.e. not used ICC
processing).
Provided as six
‘0x00’ bytes only
when the Amount
Authorised (tag
0x9F02) is present.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 5-5
ICC Processing
BER-TLV Data Object Processing

No. of Configuration
Element Name Description Tag Value
bytes Options

Application For an application in the ICC to ‐ ‐ Provided in 2 host download


Selection be supported by an application characters of field
Indicator in the SST, the Application f18, ICC Terminal
Selection Indicator indicates Acceptable
whether Application IDs
 the associated AID in the Table.
SST must match the AID in
the card exactly, including
the length of the AID
(OR)
 only up to the length of the
AID in the SST.
There is only one Application
Selection Indicator per AID
supported by the SST

Application Application version supported 0x9F09 2 Value taken from host download
Version by the SST. the ‘Primary AID
Number Highest
Application
Version Number’
field in the
selected ICC
applicationʹs
corresponding
‘ICC Terminal
Acceptable AID
Table’ entry.
See“ICC Terminal
Acceptable
Application IDs
Table” on
page 3‐14.

Authorisation Value generated by the 0x8A 2 This data object host download
Response Code authorisation authority for an will not be (Reply)
approved transaction available if tag
0x8A is not
provided by the
issuer in the
appropriate
Transaction
Reply/Interactive
Transaction
Response for the
transaction being
processed.

Confidential and proprietary information of NCR.


Unauthorized use, reproduction and/or distribution is strictly prohibited.

5-6 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
ICC Processing
BER-TLV Data Object Processing

No. of Configuration
Element Name Description Tag Value
bytes Options

Interface Device This Interface Device Serial 0x9F1E 8 The ATM serial local config,
Serial Number Number is the unique identifier number should be host download
for the SST. used to populate
this value.
This object must be locally If no serial
configured in an NDC Business number has been
Services solution. configured then
this object will not
be populated.

Issuer Script The results of the processing of 0x9F5B Var The results of automatic
Results any issuer scripts. processing the
Issuer scripts. If
no issuer scripts
have been
received then the
object will not be
populated.

Merchant Classifies the type of business 0x9F15 2 Provided in 4 local config,


Category Code being done by the merchant, BCD digits with a host download
represented according to ISO default value of
8583:1993 for Card Acceptor 0x00 0x00.
Business Code.

Merchant When concatenated with the 0x9F16 15 15 alphanumeric local config,


Identifier Acquirer Identifier, uniquely characters. host download
identifies a given merchant.

(Activate only) Indicates the name and location 0x9F4E var alphanumeric local config,
Merchant Name of the merchant. characters. host download.
and Location

Point‐of‐Service Indicates the method by which 0x9F39 1 2 BCD digits Not directly
(POS) Entry the PAN was entered, provided by the
Mode according to the first two digits NDC Business
of the ISO 8583:1987 POS Entry Services. The
Mode NDC
Customiser can
be configured to
map an
OPCODE digit
for this purpose.

Terminal Action Specifies the acquirer‘s ‐ 5 0xFF 0xFF 0xFF automatic


Code ‐ Default conditions that cause a 0xFF 0xFF ‐
transaction to be rejected if it Always reject
might have been approved transaction if
online, but the SST is unable to unable to go
process the transaction online. online.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 5-7
ICC Processing
BER-TLV Data Object Processing

No. of Configuration
Element Name Description Tag Value
bytes Options

Terminal Action Specifies the acquirer‘s ‐ 5 5 bytes used for host download
Code ‐ Denial conditions that cause the denial Terminal Action
of a transaction without an Analysis in
attempt to go online. conjunction with
the Terminal
Verification
Results (TVR).

Terminal Action Specifies the acquirer‘s ‐ 5 0xFF 0xFF 0xFF automatic


Code ‐ Online conditions that cause a 0xFF 0xFF ‐
transaction to be transmitted Always take a
online. transaction online.

Terminal Indicates the card data input, 0x9F33 3 The default value Activate:
Capabilities CVM and security capabilities provided is 0x60 automatic
of the SST. 0x40 0x20 (default),
local config,
0x60 ‐ Magnetic stripe and ICC When host download
with contacts capabilities. downloaded or
configured Edge:
0x40 ‐ On‐line enciphered PIN locally, only the automatic
is used for CVM. following bits of (default),
data can be host download
0x20 ‐ Card capture can be overridden in the
performed. default values:

byte 1, bits 8, 7, 6
byte 2, bits 8, 7, 4
byte 3 bit 6.

Confidential and proprietary information of NCR.


Unauthorized use, reproduction and/or distribution is strictly prohibited.

5-8 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
ICC Processing
BER-TLV Data Object Processing

No. of Configuration
Element Name Description Tag Value
bytes Options

Terminal Indicates the data input and 0x9F40 5 The default value Activate:
Capabilities output capabilities of the SST. provided is 0x8E automatic
(Additional) 0x00 0xB0 0x13 (default),
0x8E‐ payment, transfer, 0xFF local config,
enquiry and cash transactions host download
can be performed on this SST. Where byte 4
(0x13) is ORʹd Edge:
0x00 ‐ reserved for future use. with: automatic
(default),
0xB0 ‐ SST has numeric, 0x20 ‐ if TTU is host download
command and function keys. present

0x13 ‐ data can be output to a 0x40 ‐ if receipt


consumer display. ISO 8859 printer present.
parts 9 and 10 character sets are
supported. See the “Value” 0x80 ‐ if journal
column for other possible printer is present.
values dependent on device
availability. When
downloaded or
0xFF ‐ Character sets from ISO locally
8859 parts 1 to 8 inclusive are configured, the
supported. following bits of
data will not be
The supported ISO 8859 used to overwrite
character sets and their font IDs the default values:
are listed in Appendix F, “ISO
8859 Character Sets”. byte 2, bits 0 ‐ 7
byte 3, bits 0 ‐ 4
byte 4, bits 2, 3.

Terminal A SST identification number. 0x9F1C 8 The machine local config,


Identification number should be host download
used to populate
this value.
If no SST
identification
number has been
configured then
this object will not
be populated.

Terminal Floor A default floor limit of zero will 0x9F1B 4 Zero by default. automatic
Limit be set by the SST. (default),
local config,
host download

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 5-9
ICC Processing
BER-TLV Data Object Processing

No. of Configuration
Element Name Description Tag Value
bytes Options

Terminal Status of the different functions 0x95 5 See “Terminal automatic


Verification as seen from the SST. Verification
Results Results (TVR)
Processing” on
page 5‐16.

Transaction Indicates the currency code of 0x5F2A 2 Matches the automatic


Currency Code the transaction according to currency used in a
ISO 4217. transaction flow.

Transaction Indicates the implied position 0x5F36 1 Matches that in automatic


Currency of the decimal point from the use for a
Exponent right of the transaction amount transaction.
represented according to ISO
4217

Transaction Local date that the transaction 0x9A 3 YYMMDD. automatic


Date was authorised.
Date from SST
clock in BCD,
taken at start of
Pre‐authorize
processing before
the first
GENERATE AC
command is
called.

Transaction Counter maintained by the SST 0x9F41 2 Value in the range automatic
Sequence that is incremented by one for 0001 to 9999
Counter each successful initialisation of (decimal)
an ICC application. inclusive, encoded
in BCD.

The counter is
cyclic, and
defaults to 0001
(decimal) on
power up.

Transaction Status of authentication 0x9B 2 See “Transaction automatic


Status transaction as seen from the Status
Information SST. Information (TSI)
Processing” on
page 5‐20.

Confidential and proprietary information of NCR.


Unauthorized use, reproduction and/or distribution is strictly prohibited.

5-10 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
ICC Processing
BER-TLV Data Object Processing

No. of Configuration
Element Name Description Tag Value
bytes Options

Transaction Local time that the transaction 0x9F21 3 HHMMSS. automatic


Time was authorised. Time from the SST
clock in BCD
taken at the start
of Pre‐authorize
processing before
the first
GENERATE AC
command is
called.

Transaction Indicates the type of financial 9C 1 2 digits of BCD. Activate:


Type transaction, represented by the automatic
first two digits of the ISO
8583:1987 Processing Code. Edge:
local config
Purchase ‐ 0x00
Debit ‐ 0x01
Deposit ‐ 0x21
Balance ‐ 0x31
Statement ‐ 0x34
Passbook ‐ 0x34
Transfer ‐ 0x40
Payment ‐ 0x50
PIN Change ‐ 0x70

Unpredictable Value to provide variability 0x9F37 4 Random number automatic


Number and uniqueness to the in binary.
generation of the application
cryptogram.

Note 1: Any objects not known by the SST (that is, not in the list
above) and not retrieved from the ICC , but referenced by a DOL,
are processed following the DOL processing rules identified in
“Data Object List (DOL) Processing”.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 5-11
ICC Processing
Transaction Data Object List (TDOL) Processing

Transaction Data Object List (TDOL)


Processing 5

If the Transaction Certificate (TC) Hash Value (tag 0x98) data object
is requested by a DOL (principally CDOL1 or CDOL2), then
theʺEMV Kernelʺ needs to calculate the value for the data object so
that it can be output as part of the DOL data.
Processing the output of the TDOL with this algorithm provides a
checksum/signature which is 20 bytes long.

Note: If the TC Hash Value data object is referenced in TDOL, this


is regarded as invalid content for the purposes of DOL processing.
The TDOL data object is optionally returned by the ICC application
during processing. If the TDOL data object has not been obtained, a
default value for TDOL is used. The default is defined as follows:

Object Name Tag Length (bytes)

Amount Authorised 0x9F02 6

Transaction Currency Code 0x5F2A 2

Transaction Date 0x9A 3

Transaction Type 0x9C 1

Terminal Verification Results 0x95 5

Unpredictable Number 0x9F37 4

Activate Only
A new DefaultTDOL can be configured on NDCCardIssuerInfo
using the .NET Class Configurator.

Confidential and proprietary information of NCR.


Unauthorized use, reproduction and/or distribution is strictly prohibited.

5-12 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
ICC Processing
Printing EMV Data Values

Printing EMV Data Values 5

There is no specific support in NDC Business Services for the


printing of EMV tagged values, except through their full text
inclusion in printer data.
APTRA Advance NDC supports the inclusion of control sequences
in printer data to facilitate the insertion of EMV object values.
If similar functionality is required, please consult the NDC
Customiser for the available options.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 5-13
ICC Processing
MAC Configuration

MAC Configuration 5

To enable message authentication to be performed on the new


Transaction Request and Transaction Reply message fields and the
new messages introduced with NDC CAM, the MAC processing
has been extended to enable the MAC value calculation processing
to take account of these changes.
The standard Message Authentication Field Selection Load message
has also been extended to cover the new fields and messages.
For the Smart Card Data buffer (data ID ‘5’, fields ‘bd1’ and ‘bd2’)
extension in the Transaction Request message, the Message
Authentication Field Selection Load message field ‘h’ (Transaction
Request Field) has an additional flag appended at offset 46. This flag
contains a value of ‘0’ if the Smart Card Data buffer is not to be used
in the MAC value calculation, or a value of ‘1’ if it is to be used. For
more details, see “Transaction Request Message Format” on
page 2‐4.
For the Smart Card Data buffer (data ID ‘5’, fields ʹat1ʹ, ʹat2ʹ)
extension in the Transaction Reply message, the Message
Authentication Field Selection Load message field ʹiʹ (Transaction
Reply Field) has an additional flag appended at offset 36 for NDC
Business Services. This flag contains a value of ʹ0ʹ if the Smart Card
Data buffer is not to be used in the MAC value calculation, or a
value of ʹ1ʹ if it is to be used. For more details, see “Transaction
Reply” on page 3‐24 and “Interactive Transaction Response” on
page 3‐28.
For the new messages which form the new EMV Configuration
message class, an additional field ‘o’ has been added immediately.

Confidential and proprietary information of NCR.


Unauthorized use, reproduction and/or distribution is strictly prohibited.

5-14 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
ICC Processing
MAC Configuration

following the Message Authentication Field Selection Load message


field ‘n’ (Track 3 Field). Field ‘o’ is formatted as follows:

Number of
Field Mandatory/ Optional Description
Characters

FS 1 O Field Separator.

Always present if field ‘o’ is included in the message.


If ‘o’ is not being included, this field separator is omitted.

o 5 See Note 1: and For each offset position, if the field contains ‘0’, no MAC is added to the
Note 2: message indicated. If it contains ‘1’, a MAC is added to the message.

Offset Description
0 ICC Currency Data Objects Table message
1 ICC Transaction Data Objects Table message
2 ICC Language Support Table message
3 ICC Terminal Data Objects message
4 ICC Terminal Acceptable AIDs Table message

Note 1: This field may be truncated, that is, trailing characters may
be omitted. The omitted characters have the value zero.

Note 2: If this new field is included, its value is used in the


calculation of the MAC value in the Message Authentication Field
Selection Load message field ‘p’ (previously ‘o’) Message
Authentication Code Data.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 5-15
ICC Processing
Terminal Verification Results (TVR) Processing

Terminal Verification Results (TVR)


Processing 5

The relevant fields within the Terminal Verification Results (TVR)


data object are updated by the EMV Kernel, depending on the status
of the ICC and the transaction. All other fields have a fixed value.
The elements of the TVR data object are as follows:

Byte Bit Value Description

1 8 0/1 Initial value set to 0 for PDOL processing.


Then set to 1 to indicate that off‐line data authentication was not performed.

7 0 Off‐line static data authentication has not failed.

6 0/1 ICC Data Missing/Not Missing Flag.

Initially set to 0 (ICC Data Missing) for PDOL processing.

May be set to 1 (ICC Data Not Missing) as a result of CVM processing.

5 0 Card does not appear on SST exception file.

4 0 Off‐line dynamic data authentication has not failed.

3 0 Reserved.

2 0 Reserved.

1 0 Reserved.

2 8 0/1 ICC Application Version Out of Range Flag

If the version number returned from the Application Version Number (tag 0x9F08) data
object during ICC application processing is not within the specified range for the
matching ICC Terminal Acceptable AIDs Table entry (that is, whose Full/Partial Primary
AID Value matched the ICC AID for the ICC application being processed), this bit is set to
1.

For more details, see “ICC Terminal Acceptable Application IDs Table” on page 3‐14.

If the version number is in range, or if the Application Version Number data object was
not obtained from the ICC, or has no value field, this bit is set to 0.

Confidential and proprietary information of NCR.


Unauthorized use, reproduction and/or distribution is strictly prohibited.

5-16 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
ICC Processing
Terminal Verification Results (TVR) Processing

Byte Bit Value Description

2 7 0/1 Application Expired Flag

If the date from the Transaction Date (tag 0x9A) data object is after the expiry date
returned from the Application Expiration Date (tag 0x5F24) data object during ICC
Application processing, this bit is set to 1.

Otherwise, if the date is not after the expiry date, or if the Application Expiration Date
data object is not available, this bit is set to 0.

Note: If either data object two‐digit year value is in the range 00 to 49, the corresponding
full year value is 2000 to 2049. However, if the data object two‐digit year value is in the
range 50 to 99, the full year value is 1950 to 1999.

6 0/1 Application Not Yet Effective Flag

If the date from the Transaction Date (tag 0x9A) data object is before the effective date
returned from the Application Effective Date (tag 0x5F25) data object during ICC
application processing, this bit is set to 1.

Otherwise, if the date is not before the effective date, or if the Application Effective Date
data object is not available, this bit is set to 0.

Note: If either data object two‐digit year value is in the range 00 to 49, the corresponding
full year value is 2000 to 2049. However, if the data object two‐digit year value is in the
range 50 to 99, the full year value is 1950 to 1999.

5 0/1 Requested Service Not Permitted Flag

Initially set to 0 (Requested Service Permitted) for PDOL processing.

May be set to 1 (Requested Service Not Permitted) as a result of Application Usage


Control (AUC) processing.

4 0 This card is not new.

3 0 Reserved

2 0 Reserved

1 0 Reserved

3 8 0/1 Cardholder Verification Successful Flag

Initially set to 0 (Cardholder Verification Successful) for PDOL processing.

May be set to 1 (Cardholder Verification Not Successful) as a result of CVM processing.

7 0/1 Cardholder Verification Method (CVM) Recognised Flag

Initially set to 0 (CVM Recognised) for PDOL processing.

May be set to 1 (CVM Not Recognised) as a result of CVM processing.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 5-17
ICC Processing
Terminal Verification Results (TVR) Processing

Byte Bit Value Description

6 0 PIN Try Limit was not exceeded.

5 0/1 PIN Entry Required But PIN Pad Not Present/Not Working Flag

Initially set to 0 for PDOL processing.

May be set to 1 (PIN Entry Required But PIN Pad Not Present/Not Working) as a result of
CVM processing.

4 0 PIN entry required, PIN Pad present and PIN was entered.

3 0/1 On‐line PIN Entered Flag

If the PIN block is being included in the Transaction Request message and the CVM list
includes an On‐line PIN condition, this bit is set to 1. Otherwise, it is set to 0.

Note: This bit will only be set if the CVM chosen for the transaction was On‐line
enciphered PIN. If CVM processing failed or was not done then this bit will not be set.

2 0 Reserved

1 0 Reserved

4 8 0/1 Transaction Exceeds Floor Limit Flag

If floor limit checking was performed and the amount was equal to or above the floor
limit, this bit is set to 1. Otherwise, it is set to 0.

7 0 Lower consecutive off‐line limit not exceeded.

6 0 Upper consecutive off‐line limit not exceeded.

5 0 Transaction not selected randomly for on‐line processing.

4 0 Merchant did not force transaction on‐line.

3 0 Reserved

2 0 Reserved

1 0 Reserved

5 8 0/1 Default TDOL Used Flag

If the TC Hash Value (tag 0x98) was requested during DOL processing and the default
value for the TDOL (tag 0x97) data object was used, this bit is set to 1. Otherwise, it is set
to 0.

7 0/1 Issuer Authentication Success/Fail Flag

If the ICC command EXTERNAL AUTHENTICATE fails, this bit is set to 1.

Otherwise, if the ICC command EXTERNAL AUTHENTICATE is successful, or is yet to


be performed, it is set to 0.

Confidential and proprietary information of NCR.


Unauthorized use, reproduction and/or distribution is strictly prohibited.

5-18 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
ICC Processing
Terminal Verification Results (TVR) Processing

Byte Bit Value Description

6 0/1 Script Processing Before Final Generate AC Success / Fail Flag

If any tag 0x71 issuer scripts fail (returned in a host response to the Transaction Request),
this bit is set to 1.

Otherwise, this bit is set to 0.

5 0/1 Script Processing After Final Generate AC Success/Fail Flag

If any tag 0x72 issuer scripts fail (returned in a host response to the Transaction Request),
this bit is set to 1.

Otherwise, this bit is set to 0.

4 0 Reserved

3 0 Reserved

2 0 Reserved

1 0 Reserved

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 5-19
ICC Processing
Transaction Status Information (TSI) Processing

Transaction Status Information (TSI)


Processing 5

The relevant fields within the Transaction Status Information (TSI)


data object are updated by the EMV Kernel depending on the status
of the ICC and the transaction. All other fields have a fixed value.
The elements of the TSI are as follows:

Byte Bit Value Description

1 8 0 Off‐line data authentication was not performed.

7 0/1 Cardholder Verification Performed Flag

Initially set to 0 (Cardholder Verification Not Performed) for PDOL processing.

May be set to 1 (Cardholder Verification Performed) as a result of CVM processing.

6 0/1 Card Risk Management Performed Flag

If the ICC responds with an ARQC to the first GENERATE APPLICATION


CRYPTOGRAM command, this bit is set to 1 (Card Risk Management Performed).

Otherwise, this bit is set to 0 (Card Risk Management Not Performed).

5 0/1 Issuer Authentication Performed Flag

If the ICC command EXTERNAL AUTHENTICATE has been submitted to the ICC, this
bit is set to 1. Otherwise, it is set to 0.

4 0/1 Terminal Risk Management Performed Flag

If the Terminal Floor Limit is downloaded from the host, terminal risk management is
performed and this bit is set to 1. Otherwise, it is set to 0.

3 0/1 Script Processing Performed Flag

If an attempt is made to process one or more issuer scripts (tag 0x71 or tag 0x72), this bit is
set to 1. Otherwise, it is set to 0.

2 0 Reserved

1 0 Reserved

2 8 0 Reserved

7 0 Reserved

6 0 Reserved

5 0 Reserved

4 0 Reserved

Confidential and proprietary information of NCR.


Unauthorized use, reproduction and/or distribution is strictly prohibited.

5-20 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
ICC Processing
Transaction Status Information (TSI) Processing

Byte Bit Value Description

3 0 Reserved

2 0 Reserved

1 0 Reserved

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 5-21
ICC Processing
PIN Encryption and Verification

PIN Encryption and Verification 5

For ICC applications, you should be aware of the following:


 Each ICC application present on a card may have a unique PIN
value, which may also differ from the consumer PIN value used
if performing a magnetic stripe based transaction.
 Each ICC application present on a card may have unique track 2
equivalent data, which may also differ from the track 2 data
present on the magnetic stripe.
These facts become very important when the host is performing
consumer PIN verification using track 2 data. This is because when
a consumer PIN is to be sent from the SST to the host for
verification, it is encrypted into a block. The encryption process uses
both the consumer‐entered PIN and the track 2 PAN as input to
create the encrypted PIN block.
On receipt of the encrypted PIN block, the host verifies the
consumer PIN value using the track 2 PAN.
In order to successfully verify the PIN, the host needs to be sent (or
be able to derive) the track 2 data used by the SST to construct the
encrypted PIN block. The track 2 data used by the SST is configured
using the “ICC Terminal Acceptable Application IDs Table” fields
f18 to f21.

Note: The above processing is also relevant to PIN change


processing, where the new PIN value and new PIN confirmation
value are encrypted for transmission to the host.

Confidential and proprietary information of NCR.


Unauthorized use, reproduction and/or distribution is strictly prohibited.

5-22 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
ICC Processing
ICC Application Name Display

ICC Application Name Display 5

The ICC application name displayed to the consumer is provided


through the ConsumerLabel property of the ConsumerEMVToken
class. The label is dependent on the availability of data objects and
the validity of their values, as follows:
 If the ʹIssuer Code Table Indexʹ data object (tag 0x9F11) is
available and has a value in the range 0x01 to 0x10 (BCD)
inclusive, the ʹApplication Preferred Nameʹ data object (tag
0x9F12) is used as the ICC application name.
 If the ʹIssuer Code Table Indexʹ data object (tag 0x9F11) is
available but does not have a value, or the value is outside the
range 0x01 to 0x10 (BCD) inclusive, the ʹApplication Labelʹ data
object (tag 0x50) is used.
 If the ʹApplication Preferred Nameʹ data object (tag 0x9F12) is
not available, the ʹApplication Labelʹ data object (tag 0x50) is
used.
 If the ʹApplication Labelʹ data object (tag 0x50) is not available,
the default ʹApplication Labelʹ from the current “ICC Terminal
Acceptable Application IDs Table” entry is used.
 If the ʹApplication Labelʹ data object (tag 0x50) is not available,
and the default ʹApplication Labelʹ from the current “ICC
Terminal Acceptable Application IDs Table” entry is also not
available, the ICC application name is blank.
There is no specific support in NDC Business Services for
embedding EMV Application Names within downloaded screen
data.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 5-23
ICC Processing
Voice Guidance

Voice Guidance 5

There is no specific support in NDC Business Services for Voice


guidance in EMV Transactions.
Solution developers can incorporate EMV information into existing
guidance configurations.

Confidential and proprietary information of NCR.


Unauthorized use, reproduction and/or distribution is strictly prohibited.

5-24 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
ICC Processing
Dynamic Currency Conversion

Dynamic Currency Conversion 5

EMV Transactions involving Dynamic Currency Conversion(DCC)


to support foreign currency transactions at an SST are not supported
by NDC Business Services.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 5-25
ICC Processing
Error Handling

Error Handling 5

If the error being reported is due to a hardware‐based failure,


standard NDC error processing is applied for error reporting to the
host and the journal.

Note: A reported hardware fault may not always be due to a fault


with the SST, as the error may correspond to an SST to ICC
interaction where the card is faulty (for example, dirty chip
contacts).
When a non‐fatal hardware fault occurs, the ICC is powered down
and returned to the MCRW.
All ICC processing errors (hardware and application errors) that
occur after the successful selection of an ICC application, are
reported to the host in solicited / unsolicited status messages. If a
smart card processing error occurs out with the NDC Business
Services, an unsolicited device status message will not be sent to the
NDC Host.
EMV processing is split over a number of objects within an
application and NDC specific objects form a subset of these objects.
The remaining objects are reusable components that can be used
within any business service implementation, regardless of the
financial interchange messaging format in use.
It is not viable for all reusable objects (for example, one which is
solely responsible for retrieving and validating EMV Applications
from the chip), to update and send a NDC specific unsolicited
device status message when an error occurs. If an error occurs in a
non‐NDC specific object then it can only be logged to Problem
Determination. For further information on Problem Determination,
refer to the .NET PDC Support Tasks On‐line Documentation.
Additionally, it is not possible to raise all errors from a non‐NDC
object to a NDC specific object, which is capable of transmitting an
unsolicited device status message to the host.
Finally, NCR does not judge the card management to be vital to the
delivery and certification of an EMV‐compliant NDC Business
Services solution, and it does not occur for other card types such as,
Magnetic Stripe.
The impact is that the NDC Host will not dynamically receive error
information every time a corrupt (or potentially fraudulent) EMV
card is used at an SST. Any EMV card processing failures that occur
within the NDC Business Services solution will result in a device
status message to the Host.

Confidential and proprietary information of NCR.


Unauthorized use, reproduction and/or distribution is strictly prohibited.

5-26 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
ICC Processing
Error Handling

For the ICC application error message format, see “ICC Application
Solicited/ Unsolicited Error Message Format” on page 2‐11. For the
journal error format see “ICC Application Journal Error Message ‐
Activate Only” on page 5‐28.
Additional ICC application data may also be sent when a solicited
device status message is sent, see “Issuer Script Results and
Completion Data” on page 2‐13.

Fake ICC application errors, not explicitly generated by the ICC, can
Fake ICC Application be generated by NDC Business Services in the following
Errors 5
circumstances.
 Track 2 Equivalent data(Tag 0x57) is not available for PIN Block
Generation ‐ A ‘Part of returned data may be corrupted’ fake
error is generated with CLA = 0xFF, INS = 0xFF, P1 = 0xFF, P2 =
0xFF, Lc = 0x00, Le = 0x00, SW1 = 0x62 and SW2 = 0x81.
 Attempt to perform pre‐authorized processing (1st Generate
Application Cryptogram) results in an AAC (Transaction
Declined) from the ICC ‐ A fake ICC application level error is
generated with CLA = 0xFF, INS = 0xFF, P1 = 0xFF, P2 = 0xFF, Lc
= 0x00, Le = 0x00, SW1 = 0xFF and SW2 = 0xFF.
 Attempt to perform post‐authorized processing (2nd Generate
Application Cryptogram command) when it is in the wrong
processing state. A fake ICC application level error generated
with CLA = 0xFF, INS = 0xFF, P1 = 0xFF, P2 = 0xFF, Lc = 0x00, Le
= 0x00, SW1 = 0xFF and SW2 = 0xFF.
 A Generate Application Cryptogram command returns an
unexpected cryptogram (higher level than that requested). An
’Authentication Failed’ fake error is generated with CLA = 0xFF,
INS = 0xFF, P1 = 0xFF, P2 = 0xFF, Lc = 0x00, Le = 0x00, SW1 =
0x63 and SW2 = 0x00.
 If at least one of the Issuer Script commands has failed, a fake
solicited ICC application level error is generated with CLA =
0xFF, INS = 0xFF, P1 = 0xFF, P2 = 0xFF, Lc = 0x00, Le = 0x00, SW1
= 0xFF and SW2 = 0xFF. Where the issuer script results are
included as detailed in “Issuer Script Results and Completion
Data” in Chapter 2, “SST to Host Messages”.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 5-27
ICC Processing
ICC Application Journal Error Message - Activate Only

ICC Application Journal Error


Message ‐ Activate Only 5

When an ICC application level error occurs, an error message is


printed to the journal based on the device status message being sent
to the host.The format of the journal record is the same as the one
used for all device errors in NDC Business Services. The example
below shows how ICC application specific error information is
provided.
<DEVICE STATUS>
<DEVICE t=ʺStringʺ>SmartCardAppLevel</DEVICE>
<TCODE t=ʺStringʺ>1</TCODE>
<FITNESS t=ʺStringʺ>2</FITNESS>
<MDATA t=ʺStringʺ>CAM9F0607A0000000080002FFFF
FFFF0000FFFF</MDATA>
</DEVICESTATUS>
Note 1: ʺSmartCardAppLevelʺ is used to indicate an ICC
Application Level error(this field normally contains a device
identifier).
Note 2: The MDATA string is interpreted in the table below.

Number of Value/ Decription


Characters Example

3 ‘CAM’ Application type.

Var ASCII AID of the selected application when the


(up to 32) command failed.
‘9F0607 ASCII representation of the full BERTLV
A000000 data object.
0080002’
2 nn CLA ‐ Class of instructions for the command
‘FF’ that failed.

2 nn INS ‐ Instruction for the command that


‘FF’ failed.

2 nn P1 ‐ Parameter 1 of the command that failed.


‘FF’

2 nn P2‐ Parameter 2 of the command that failed.


‘FF’

Confidential and proprietary information of NCR.


Unauthorized use, reproduction and/or distribution is strictly prohibited.

5-28 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
ICC Processing
ICC Application Journal Error Message - Activate Only

Number of Value/ Decription


Characters Example

2 nn Lc ‐ Length of the command data for the


‘00’ command that failed.

2 nn Le ‐ Length of the expected response for the


‘00’ command that failed.

2 nn SW1 ‐ Status Word 1 indicating why the


‘FF’ command failed.

2 nn SW2‐ Status Word 2 indicating why the


‘FF’ command failed.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 5-29
ICC Processing
ICC Processing Termination

ICC Processing Termination 5

In order to terminate processing, such that the card can be returned


to the customer or retained following an unsuccessful attempt to
authorize the transaction. For example: During an EMV transaction
when the SST times out waiting for a host response, the SST may
issue a Generate Application Cryptogram (GENAC) command to
complete the transaction with the chip requesting an AAC for an
offline decline.
No message to the host will result from this offline decline
processing, where we timed‐out waiting for a response from the
host.

Confidential and proprietary information of NCR.


Unauthorized use, reproduction and/or distribution is strictly prohibited.

5-30 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
ICC Processing
Authorisation Response Codes

Authorisation Response Codes 5

The Authorization Response Code is sent in a Transaction Reply


message as part of the Smart Card Data buffer. The value contained
in this field is used as part of the determination of how the SST
completes the transaction with the card.
An Authorization Response Code with a value of 30 30 will result in
the SST requesting an approval from the card at the second
Generate Application Cryptogram command.
Any other value for the Authorisation Response Code will result in
the SST requesting a decline from the card at the second generate
application cryptogram command. See “Transaction Reply” on
page 3‐24.
There is no option to configure additional Authorisation Response
Codes for approval.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual 5-31
ICC Processing
Authorisation Response Codes

Confidential and proprietary information of NCR.


Unauthorized use, reproduction and/or distribution is strictly prohibited.

5-32 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Table of Contents
Related Documentation

Appendix A
Related Documentation

Overview A‐1

Other NDC Business Services Documentation A‐2

Other NCR Documentation A‐3

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services EMV™ Integrated Circuit Card (ICC) Reference Manual
Table of Contents
Related Documentation

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services EMV™ Integrated Circuit Card (ICC) Reference Manual
Related Documentation
A

Overview

Overview A

This appendix gives details of the documentation you may find


useful when customising or extending your application and
deploying it to an SST.
The documentation is a combination of on‐line help files and Adobe
Acrobat Portable Document Format (PDF) files.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services EMV™ Integrated Circuit Card (ICC) Reference Manual A-1
Related Documentation
Other NDC Business Services Documentation

Other NDC Business Services


Documentation A

The publications in the following table are provided with the


component to which they refer. Printed versions of the PDFs can be
ordered from the NCR Publications web site.

Table A-1
Other NDC Business Services
Documentation

Component Title Format Description

APTRA NDC APTRA Activate NDC PDF Provides reference data used in NDC
Business Services Business Services, Reference Business Services to allow developers to
Manual customise the SST application and to write or
B006‐7073 modify the host control application.

.NET NDC .NET NDC Customiser Microsoft Context‐sensitive help and reference for the
Customiser HTML .NET NDC Customiser.
Help
(CHM)

NDC Business .NET NDC Business Services Microsoft Context‐sensitive help and reference for the
Services On‐line Documentation HTML Edge NDC Business Services.
APTRAbs20.chm Help
(CHM)

APTRA NDC APTRA NDC Business PDF/Paper Provides information on requirements and
Business Services Services, Systems Analysis information gathering for anyone who
Guide wishes to customise NDC Business Services
B006‐6380 for specific customers.

APTRA Activate .NET NDC Business Services Microsoft Context‐sensitive help and reference for
NDC Business On‐line Documentation HTML APTRA Activate NDC Business Services
Services APTRArc108.chm Help
(CHM)

.NET NDC .Net NDC Customiser Microsoft Context‐sensitive help and reference for the
Customiser HTML .NET NDC Customiser
Help
(CHM)

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

A-2 APTRA™ NDC Business Services EMV™ Integrated Circuit Card (ICC) Reference Manual
Related Documentation
Other NCR Documentation

Other NCR Documentation A

The publications in the following table are provided with the


software aggregate or component to which they refer.

Table A-2
Other NCR Documentation

Aggregate or
Title Format Description
Component

.NET EMV .NET EMV Card Services Microsoft Provides core EMV ICC processing functionality
Card On‐line Documentation HTML
Services APTRArc28.chm Help
(CHM)

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services EMV™ Integrated Circuit Card (ICC) Reference Manual A-3
Related Documentation
Other NCR Documentation

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

A-4 APTRA™ NDC Business Services EMV™ Integrated Circuit Card (ICC) Reference Manual
Table of Contents
Processing Restrictions

Appendix B
Processing Restrictions

Overview B‐1

Restrictions B‐2
BER‐TLV Field Size B‐2
Candidate List Size B‐2
Static Candidate List B‐2
Number of Application IDs in Download B‐3
Reading/Writing Magnetic Stripes B‐3
Smart Card Reader/Writer (SCRW) B‐3
Smart Dip Card Readers B‐3
Communications Protocols B‐3

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Table of Contents
Processing Restrictions

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Processing Restrictions
B

Overview

Overview B

This appendix summarises some of the restrictions you should be


aware of when performing ICC processing. These include the
following:
 BER‐TLV Field Size
 Candidate List Size
 Number of Application IDs in Download
 Smart Card Reader/Writer (SCRW)
 Communications Protocols
 Static Candidate List

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual B-1
Processing Restrictions
Restrictions

Restrictions B

To enable this NDC Business Services CAM implementation to be


flexible enough to be used by many financial institutions, the
application has been designed so that major hardware upgrades are
not required.
Consequently, the restrictions described in the following sections
apply.

The following restrictions apply to various BER‐TLV field sizes:


BER‐TLV Field Size B

 The object tag field cannot be bigger than two bytes.


 The object length field can have any length, provided the other
restrictions are met.
 The object value field cannot be more than 255 bytes.

The Candidate List Build processing searches the ICC to find


Candidate List Size B

applications, in conjunction with the list of terminal acceptable


Application IDs (AIDs).
The resultant candidate list size is dependent on the number of
terminal acceptable AIDs in the “ICC Terminal Acceptable
Application IDs Table” on page 3‐14.
As NDC Business Services does not actively discard terminal
acceptable AIDs based on the Secondary AIDs, every AID entry
will be selected.
The more searching that the SST has to perform to find applications
on the ICC, the greater the increase in transaction time.
It is recommended therefore that some time is taken to provide the
most efficient\smallest ICC Terminal Acceptable Application IDs
Table.

As the NDCCardService does not actively discard terminal


Static Candidate List B

acceptable AIDs based on the Secondary AIDs, the resulting


candidate list can differ from that generated by NDC Business
Services.
This will only happen for an inconsistent configuration where the
Secondary AID for an application on the card causes a following
AID entry to be discounted, where in fact this AID’s application is
also present on the card.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

B-2 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Processing Restrictions
Restrictions

The maximum number of Application ID (AID) values that the SST


Number of Application can support as acceptable AIDs is 256. For more details, see “ICC
IDs in Download B
Terminal Acceptable Application IDs Table” on page 3‐14.

Note: Each of these terminal AID values may have more than one
corresponding ICC AID value during processing. This is because
the terminal AID value may be a partial AID value.

For an MCRW it is a requirement that all cards that are to be used


Reading/Writing Magnetic within the system have a valid magnetic stripe encoded with at least
Stripes B
a start sentinel.The magnetic stripe must not be updated when the
card is staged in the SCRW as this will result in the SST resetting.

The application requires an MCRW with an EMV‐type approved


Smart Card Reader/Writer SCRW unit to be installed in the SST.
(SCRW) B

The smart dip card readers is not supported.


Smart Dip Card Readers B

Some messages within NDC CAM, in particular the Transaction


Communications Request message, have the potential to be longer than some
Protocols B
communications protocols can handle. This depends upon the
communications protocol used, SST configuration settings and ICC
data values.
NCR strongly advises users to check that the communications
protocol used in their SST environment meets their implementation
needs, taking into account the SST configuration settings and
potential ICC data values.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual B-3
Processing Restrictions
Restrictions

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

B-4 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Glossary

Glossary 0

AAC Application Authentication Cryptogram. An ICC application


A cryptogram produced for unsuccessful CAM transactions. See also
Cryptogram.
AC Application Cryptogram. A cryptogram produced by the ICC
application. See also Cryptogram.
AID Application Identifier. The identity or name of a specific ICC
application.
AIP Application Interchange Profile. A set of flags in the ICC
application that define which EMV features the card supports.
API Application Program Interface.
ARPC Authorisation Response Cryptogram. An ICC application
cryptogram produced by the host for submission to the ICC, to
prove it is a genuine host. See also Cryptogram.
ARQC Authorisation Request Cryptogram. An ICC application
cryptogram produced by the ICC application to prove to the host
that the ICC is genuine. See also Cryptogram.
ASCII American Standard Code for Information Interchange.
ATB Alternative Technology Byte. A byte in the track 2 ‘service
code’ field identifying cards using alternative technology. ICCs
(smart cards) are generally identified by a value of ‘2’ or ‘6’.
ATC Application Transaction Counter.
AUC Application Usage Control. A set of flags in the ICC
application that define the transaction the card can perform.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual Glossary-1
Glossary

BCD Binary Coded Decimal.


B
BER-TLV Basic Encoding Rules ‐ Tag Length Value. A format
definition for all EMV data objects.

CAM Card Authentication Method. The method or process for


C authenticating an ICC.
CDOL1 Card risk management Data Object List 1. Data objects
required by the ICC when submitting the first Generate AC
command.
CDOL2 Card risk management Data Object List 2. Data objects
required by the ICC when submitting the second Generate AC
command.
CLA CLass of instruction.
Cryptogram The result of encrypting a piece of data using a key and
a cryptographic algorithm.
CVM Cardholder Verification Method. The method by which the
ICC application verifies that a consumer is genuine.

DASH Dip And Smart Hardware card reader.


D
DDF Directory Definition File. A file held in the ICC to describe the
attributes of an ICC directory.
DF Dedicated File. A file type used in the ICC file system.
DOL Data Object List. A list of data objects required by the ICC,
specified by the required tag and the number of bytes of the
required value.

EMV Europay MasterCard Visa. The original consortium of


E companies that introduced the EMV ICC standard functionality.
EMV is a trademark owned and registered by EMVCo, now a
consortium of American Express, JCB, MasterCard and Visa.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

Glossary-2 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Glossary

Fallback Payment system rules determine whether fallback to


F magnetic stripe is allowed after the failure of an ICC read
transaction. This behaviour is outside the scope of EMV.
FIT Financial Institution Table. A list configured by the host of all
acceptable card groups.
Floor Limit A maximum monetary amount above, or equal to, which
the merchant must obtain authorisation from the acquirer before
completing the transaction.

GENAC Generate Application Cryptogram. GENAC1 and GENAC2


G are the first and second GENACs respectively.

IC Integrated Circuit. The microelectronic circuit integrated into a


I semiconductor chip, such as in a smart card (ICC).
ICC Integrated Circuit Card. A card containing an integrated
circuit; also known as a smart card.
INS Instruction of command that failed.
ISO International Standards Organisation.
ITR Interactive Transaction Response.

Lc Length of command data. The length of data being submitted to


L the ICC in a command.
Le Length of expected response data. The length of response data
expected to be returned by the ICC in response to a command.

MAC Message Authentication Code. A cryptographic checksum


M value used to verify that the data associated with it has not changed.
MCRW Magnetic Card Reader Writer. A device in a terminal for
accepting a card and reading the magnetic stripe on the card. See
also SCRW.

NDC NCR Direct Connect. The messaging interface used in


N messages between the host and SST.

OpCode is the short form of Operation Code, which is a buffer


O holding the transaction actions (FDK codes) selected by the
cardholder/consumer.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual Glossary-3
Glossary

P1 Parameter 1 of the command that failed.


P
P2 Parameter 2 of the command that failed.
PAN Primary Account Number. The number of the consumerʹs
primary account.
PDF Portable Document Format. The operating system
independent file format for Adobe® Reader® files.
PDOL Processing options Data Object List. Data objects required by
the ICC when submitting a Get Processing Options command.
PIN Personal Identification Number.
PSE Payment System Environment. The EMV‐defined root
directory in the ICC filing system.

SCIF Smart Card Interface. The interface board fitted to the MCRW
S to enable interaction with the SCRW.
SCRW Smart Card Reader Writer. The device fitted to the MCRW
providing an extension that can interact with an ICC.
Smart card General term for a card containing an Integrated Circuit
(IC). See IC and ICC.
SST Self Service Terminal. The terminal which the consumer uses
for self‐service. Also known as ‘the terminal’.
SW1 Status Word 1. The first part of the response status from an
ICC command.
SW2 Status Word 2. The second part of the response status from an
ICC command.

TC Transaction Certificate. An ICC application cryptogram,


T produced for successful CAM transactions. See also Cryptogram.
TDOL Transaction certificate Data Object List. A DOL which, when
processed, provides the input text for the SHA‐1. This algorithm
outputs the data used for the TC Hash Value data object.
TRM Terminal risk management. TRM provides a set of rules used
to determine whether a given transaction should be approved
locally, sent to the host for authorization, or declined locally.
TSI Transaction Status Information. The status of the transaction as
seen from the terminal.
TVR Terminal Verification Results. The results of the verification as
seen from the terminal.

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

Glossary-4 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Glossary

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual Glossary-5
Glossary

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

Glossary-6 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Index

Index 0

Application IDs
A Number of B‐3
Table 3‐14
Application, ICC
Name display 5‐23
Application, Terminal
Version Number 5‐12
Authorisation Response Codes 5‐31

Begin ICC Initialisation state type 2‐4


B BER‐TLV Data Object processing 5‐4
BER‐TLV field size B‐2

Commands
C Customisation data 3‐2
Communications protocols B‐3
Completion data 2‐13
Compliance
Acceptable non‐compliance 1‐3
Implementation 1‐3
Standards 1‐3
Customisation data
Commands 3‐2

Data Object List processing 5‐3


D Data Objects tables
ICC Currency 3‐5
ICC Terminal 3‐12
ICC Transaction 3‐7
Data, completion 2‐13
Display
ICC application name 5‐23
Documentation
other A‐3

EMV configuration message 3‐3


E Encryption, PIN 5‐22
Error handling 5‐26
Error messages
ICC application journal 5‐28
Error messages, solicited/unsolicited
ICC application 2‐11
Error reporting
SCRW/MCRW hardware 2‐10

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual Index-1
Index

Hardware error reporting


H SCRW/MCRW 2‐10
Hardware, terminal
Information 2‐3

ICC application journal error message 5‐28


I ICC application name display 5‐23
ICC application solicited/unsolicited error message 2‐11
ICC Currency Data Objects table 3‐5
ICC Language Support table 3‐10
ICC processing termination 5‐30
ICC Terminal Acceptable Application IDs table 3‐14
ICC Terminal Data Objects table 3‐12
ICC Transaction Data Objects table 3‐7
Interactive Transaction Response message 3‐28
Issuer Script processing 5‐2
Issuer Script results 2‐13

Journal ICC application error messages 5‐28


J
Language selection 3‐10
L
Magnetic stripes
M Reading/writing B‐3
Message authentication code (MAC)
Configuration 5‐14
Message formats
Solicited status messages 2‐9
Messages
Interactive Transaction Response 3‐28
Terminal to Central 2‐1
Transaction Reply 3‐24

Name, ICC application


N Display 5‐23
Native mode device status information
Supervisor keys (unsolicited) 2‐10

Overview
O related documentation A‐1

PIN encryption and verification 5‐22


P Processing
BER‐TLV Data Object 5‐4
Data Object List 5‐3
Issuer Script 5‐2
Terminal Verification Results 5‐16
Protocols, communications B‐3

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

Index-2 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
Index

Related documentation A‐1


R Results
Issuer Script 2‐13

Script, Issuer
S Processing 5‐2
Results 2‐13
Smart Card Reader/Writer (SCRW) B‐3
Hardware error reporting 2‐10
Solicited status messages 2‐9
Standards compliance 1‐3
State types
Begin ICC Initialisation 2‐4
Status messages
Solicited 2‐9
Supervisor keys (unsolicited message) 2‐10

Terminal Application Version Number 5‐12


T Terminal hardware information 2‐3
Terminal to Central messages 2‐1
Terminal Verification Results processing 5‐16
Termination of ICC processing 5‐30
Transaction Reply message 3‐24
Transaction Response message
Interactive 3‐28

Verification, PIN 5‐22


V Version Number
Terminal Application 5‐12

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual Index-3
Index

Confidential and proprietary information of NCR.


Unauthorised use, reproduction and/or distribution is strictly prohibited.

Index-4 APTRA™ NDC Business Services, EMV™ Integrated Circuit Card (ICC) Reference Manual
User Feedback Form

Title: APTRA™ NDC Business Services, EMV ICC Reference Manual


Number: B006‐7137‐A000 Release: Issue 1 Date: October 2012

NCR welcomes your feedback on this publication. Your comments can be of great value in helping us improve
our information products.
Cut

You may send your comments to us electronically. See over for details.

Circle the numbers below that best represent your opinion of this publication.

Ease of use 5 4 3 2 1 0 5 = Excellent


4 = Good
Accuracy 5 4 3 2 1 0
3 = Adequate
Clarity 5 4 3 2 1 0 2 = Fair
1 = Poor
Completeness 5 4 3 2 1 0
Organisation 5 4 3 2 1 0 0 = Not applicable
Appearance 5 4 3 2 1 0
Examples 5 4 3 2 1 0
Illustrations 5 4 3 2 1 0
Job performance 5 4 3 2 1 0
Question resolution 5 4 3 2 1 0
Overall satisfaction 5 4 3 2 1 0

Indicate the ways you feel we could improve this publication.

 Improve the table of contents  Add more/better quick reference aids


 Improve the overview/introduction  Add more examples
 Improve the organisation  Add more illustrations
 Improve the index  Add more step‐by‐step procedures
 Make it less technical  Add more troubleshooting information
 Make it more concise/brief  Add more detail
Write any additional comments you may have below and on additional sheets, if necessary. Include page
numbers where applicable.

Use the following addresses to send your comments to us electronically:


E‐mail ‐ sf230067@ncr.com
Web (within firewall) ‐ http://www.dundee.ncr.com/infoprod/rcomment/newform/webform99.htm

Cut
Fold

If we may contact you concerning your comments, please fill in the information below:

Name:
Organisation:
Company:
Address:

Phone: Fax:

Thank you for your evaluation of this publication. Fold the form where indicated, tape (please do not staple),
and drop in the mail.

F 8763‐0695
Fold

Affix
Postage
Stamp
Here

NCR Financial Solutions Group Ltd.


Information Solutions Feedback
Discovery Centre
3 Fulton Road
Dundee, Scotland
DD2 4SW

You might also like