GPR User Guide

Global Personalization Requirements
User Guide
Version 3.0
17 August 2015
Visa Confidential
Important Information
© 2015 Visa. All Rights Reserved.

Notice: This information is proprietary and CONFIDENTIAL to Visa. It is distributed to Visa participants
for use exclusively in managing their Visa programs. It must not be duplicated, published, distributed
or disclosed, in whole or in part, to merchants, cardholders or any other person without prior written
permission from Visa.
The trademarks, logos, trade names and service marks, whether registered or unregistered
(collectively the “Trademarks”) are Trademarks owned by Visa. All other trademarks not attributed to
Visa are the property of their respective owners.
Note: This document is not part of the Visa Rules. In the event of any conflict between any content in
this document, any document referenced herein, any exhibit to this document, or any
communications concerning this document, and any content in the Visa Rules, the Visa Rules
shall govern and control.
Contents, Tables, and Figures
Contents
GLOBAL PERSONALIZATION REQUIREMENTS—USER GUIDE OVERVIEW 1

Purpose and Scope ...................................................................................................................................................................................... 1
Within Scope ..................................................................................................................................................................................... 2
Out of Scope ..................................................................................................................................................................................... 2
Audience .......................................................................................................................................................................................................... 2
Document Organization ............................................................................................................................................................................ 2
Reference Information ................................................................................................................................................................................ 3
Version History .............................................................................................................................................................................................. 3
1. TEST SET-UP AND EXECUTION OVERVIEW 5

1.1 Setup ..................................................................................................................................................................................................... 5
1.2 Execution Scenario .......................................................................................................................................................................... 5
1.3 Questioning (ICS) ............................................................................................................................................................................. 6
1.4 Data Acquisition Phase .................................................................................................................................................................. 6
1.5 Test Selection Phase ....................................................................................................................................................................... 7
1.5.1 Step 1 ................................................................................................................................................................................... 7
1.5.2 Step 2 ................................................................................................................................................................................... 8
1.5.3 Test Selection Rules ........................................................................................................................................................ 9
1.6 Test Execution Phase ...................................................................................................................................................................... 9
1.6.1 Preliminary Validation Results .................................................................................................................................. 11
2. TEST REPORT MESSAGE DEFINITIONS 13

2.1 Test Report Messages Overview .............................................................................................................................................. 13
2.2 Error Messages ............................................................................................................................................................................... 14
2.2.1 General .............................................................................................................................................................................. 14
2.2.2 Data Element Specific .................................................................................................................................................. 14
2.2.3 Application Data Structure Specific ....................................................................................................................... 20
2.2.4 Data Authentication Specific .................................................................................................................................... 21
2.2.5 Application Selection Specific .................................................................................................................................. 22
2.2.6 Cardholder Verification Method Specific ............................................................................................................. 23
2.2.7 Magnetic Stripe and Chip Data Correlation Specific....................................................................................... 23
2.2.8 VLP Specific...................................................................................................................................................................... 24
2.2.9 DPA Specific .................................................................................................................................................................... 24
2.2.10 Mobile Specific ............................................................................................................................................................... 25
17 August 2015 Visa Confidential i

2.3 Warning Messages ........................................................................................................................................................................ 26

2.3.1 General .............................................................................................................................................................................. 26
2.3.3 Application Selection Specific .................................................................................................................................. 30
2.3.4 DPA Specific .................................................................................................................................................................... 30
2.3.5 Consistency ...................................................................................................................................................................... 30
2.4 Observation Messages ................................................................................................................................................................ 30
2.4.2 Mobile Specific ............................................................................................................................................................... 32
APPENDIX A. IMPLEMENTATION CONFORMANCE STATEMENT (ICS) MINIMUM REQUIREMENTS 33
APPENDIX B. ABBREVIATIONS 35
ii Visa Confidential 17 August 2015

Tables
Table 1–1: Test Conditions 10

Table B–1: Abbreviations 35
17 August 2015 Visa Confidential iii

Figures
Figure 1: Test Scenario 5
iv Visa Confidential 17 August 2015

Global Personalization Requirements—User Guide Overview
Global Personalization Requirements—User Guide

Since the late 1990s, when Visa card issuers began their migration to chip, a few Visa regional offices
had processes for validating correct personalization of issuer’s cards prior to issuance. These
processes, based on requirements defined at the regional level, utilized a personalization validation
tool (PVT), originally developed internally by Visa and later outsourced to a third-party vendor. These
tools were referred to various descriptions, for example, Chip Card Validation, Personalization
Inspection or White Plastic Card Checking.
As the rapid migration to chip continues on a global scale, and with the introduction of the Visa
Contactless Payment Specifications (VCPS), developed by Visa as a platform for global interoperability
of contactless chip programs, it has become critical that a globally consistent set of requirements for
validating contact and contactless chip cards be established to ensure interoperability for Visa-
branded cards irrespective of where they are issued in the world.
Visa’s Global Chip Card Validation Process has been created to establish consistent global
processes for all regions to:
 Validate the correct personalization of Visa-branded chip cards.
 Help assure the interoperability between contact and contactless chip cards and various chip card
acceptance devices (POS and ATMs) deployed globally.
 Use as a baseline, if necessary, for the creation of specific additional regional requirements.
Purpose and Scope
This document provides an overview of Visa’s Global Chip Card Validation Process requirements for
prospective users and guidelines to technology partners developing personalization validation tools
(PVT) for the purposes of executing these requirements. It is a companion to the Global
Personalization Requirements (GPR)—Test Cases, which defines the actual test cases that need to be
executed to complete Visa’s Global Chip Card Validation Process.
In addition to defining the Visa global requirements, this document and its companion document
contain recommendations on a testing approach, test scenario, tests selection as well as test cases
that apply globally.
Any regional-specific requirements are covered in separate, dedicated documents.
17 August 2015 Visa Confidential 1

Audience
Within Scope
Tests in this document cover both contact and contactless cards and may cover other non-standard
form factor payment devices, such as Mobile NFC devices, etc.
The tests defined in this document may be used by Visa financial institutions and personalization
bureaus for other purposes as well, for example:
 Testing cards in day-to-day production
 Testing newly created card profiles
 Pre-validation of the card to be submitted to the Global Chip Card Validation process
NOTE: “Cards” in this document may also refer to non-standard payment form factors, such as
mobile phones, etc.
Out of Scope
 This document does not cover any organizational or legal aspects of the Global Chip Card
Validation Process.
 It does not specify any processes or plans of the cooperation or communication between Visa and
its financial institutions, any contracts, forms, reports, terms, conditions or liabilities.
Audience
This document is primarily intended for use by personalization validation tool (PVT) developers and
Visa staff involved in the Chip Card Validation Process. It may also be used by issuer-appointed
personalization service providers, Visa-approved vendors and other related parties to provide
minimum requirements for the validation of personalized Visa Chip Cards (contact/contactless chip;
EMV® based and/or magnetic stripe based).
Note: EMV is a registered trademark or trademark of EMVCo LLC in the United States and other
countries.
Document Organization
Global Personalization Requirements—User Guide Overview. An overview of the document including

purpose, scope, and audience.
Chapter 1: Test Set-Up and Execution Overview. Describes the test setup and execution scenarios for
the Chip Card Validation Process.
Chapter 2: Test Report Message Definitions. Provides the complete list of Error, Warning and
Observation messages defined for the purposes of this process.
2 Visa Confidential 17 August 2015

Appendix A: Implementation Conformance Statement (ICS) Minimum Requirements. Outlines the

minimum requirements for the PVT vendor’s ICS.
Appendix B: Abbreviations. Defines abbreviations used within this document and the GPR Test Cases.
Reference Information
Please contact your Visa representative for the latest versions of the Visa documents applicable to
your project, which may vary based on your market. Please note that there may be other
requirements/specifications required to validate the cards for use in the Visa payments system.
 Global Personalization Requirements—Test Cases
 Visa Integrated Circuit Card Specification (VIS)
 Visa Contactless Payment Specification (VCPS)
 Visa Mobile Contactless Payment Specification (VMCPS)
 VSDC Personalization Specification
In addition, please go to the applicable sites for the latest versions of the following as well as any
other applicable bulletins, specifications, etc.:
 EMV Issuer Interoperability Best Practices
 EMV – Integrated Circuit Card Specifications for Payment Systems
 ISO/IEC 7816-5, Identification Cards – Integrated circuit(s) cards with contacts –
Part 5: Numbering system and registration procedure for application identifiers
Version History
Version Date Changes

1.0 April 2008 Initial Publication
2.0 June 2010 Added support for VIS 1.5.1 and VCPS 2.1.1
2.0.1 May 2011 Incorporated updates from Corrections & Clarifications to v2.0
Deleted Test Cases and created new Global Personalization Requirements
Test Cases
Initial publication without the Test Cases
2.1 October 2012 Added error and observation messages for VMCPS 1.4 and VMPA 1.4
Added exception test case for online only personalization
3.0 August 2015 Updated Chapter 1: Test Set-Up and Execution Overview
Updated error messages

Version History

1. Test Set-Up and Execution Overview
1.1 Setup
Cards submitted for Global Chip Card Validation should be personalized with test keys. The
data personalized on the card submitted must meet Visa’s mandatory requirements. The
cardholder-specific data (Cardholder Name, PAN, etc.) may vary.
1.2 Execution Scenario
The test scenario for Chip Card Validation consists of the several phases illustrated in
Figure 1. Each phase is defined in the sections below the figure.
Important:
The diagram is not intended to specify the test tool’s design or implementation.
The test phases as described here simply provide a context within which to
understand these requirements. There is no specific requirement that test
tools should follow the approach as provided.
Figure 1: Test Scenario
Important:
Separate to the above process, if a VPA output file is provided, it should be

compared to the card to ensure that the two match.

1.3 Questioning (ICS)
1.3 Questioning (ICS)
In this phase, the Implementation Conformance Statement (ICS) is completed. The issuer or the
issuer’s agent generally completes the ICS. The ICS is a form that gathers information about
the card including the features and functions supported such as the applications, specification
information, Cardholder Verification Methods, Offline Data Authentication, and whether or not
the card supports contactless and which paths.
The information from the ICS needs to be loaded into the vendor’s tool. This information will
drive the set of test cases that need to be executed for a given card (i.e., the Test Selection
process outlined below). For example, when the ICS outlines that the card supports Offline PIN,
entering this information into the vendor’s tool should ensure that all test cases related to
Offline PIN are executed for the card.
This information is loaded into the tool as the card’s Product Profile.
For the minimum requirements of the ICS, refer to Appendix A: ICS Minimum Requirements.
Vendors must ensure that their ICS covers this information.
1.4 Data Acquisition Phase
In this phase, the test tool operator performs transactions with the card to retrieve all the
personalization-related data needed to perform the tests. The operator uses the ICS to
determine the number and types of transactions that need to be run. For example, if the card
supports contact and contactless, the operator needs to run a contact transaction, a magnetic
stripe transaction, as well as all applicable contactless paths (with the applicable Terminal
Transaction Qualifier (TTQ) settings).
All the data retrieved from the card is stored in the Card Image.
The Data Acquisition process fails if the card responds with unexpected Status Words. If this
occurs, the test operator should be notified in the Test Report so that they may avoid the
reporting of incorrect test results. The decision on whether or not to proceed with testing
beyond this point is up to the test operator.
The following actions shall be performed with the card during this phase:
For magnetic stripe:

 Read magnetic stripe data.

If contact interface supported:

 Read ATR.
 Select application.
 Read PSE (if present).
 Read record data using READ RECORD commands.
 Execute GENERATE AC commands to obtain cryptogram and send SECOND GENERATE AC
commands and/or EXTERNAL AUTHENTICATE commands.
 Read application internal data using GET DATA commands.
If contactless interface supported:

 Read PPSE.
 Select application.
 Execute all of the applicable paths (per ICS):
– MSD Path – MSD Legacy
– MSD Path – MSD with CVN 17 Path
– qVSDC Path – Offline
– qVSDC Path – Online/Decline (Without Offline Data Authentication)
– qVSDC Path – Online (With Offline Data Authentication)
 Read application internal data using GET DATA commands.
1.5 Test Selection Phase
Test cases are selected for the specified card product, based on information within the
Product Profile. The results are used in the next phase (Text Execution).
Test Selection is divided into two steps. The first step categorizes the high level set of tests that
are applicable for a given card. The second step specifies which test cases in each set must be
performed.
1.5.1 Step 1
The following list identifies the sets of tests in the Global Personalization Requirements—Test
Cases document that may be performed on the data retrieved during Data Acquisition.
 Card level tests
 General tests
 Inter-application consistency checks
 Dynamic Passcode Authentication-specific checks
 VSDC contact application tests

1.5 Test Selection Phase
 Tests on internal data elements used for both contact and contactless transactions
 VCPS contactless tests (performing tests associated with all paths that apply)
 VMCPS Mobile Tests
 Global Visa Chip Fleet tests
1.5.2 Step 2
Using information within the Product Profile, the tests applicable to the card configuration are
selected, per the following applicability criteria:
PER PRODUCT
Visa DB/CR Test is applicable for all Visa Credit and Debit applications
Electron Test is applicable for the Visa Electron application
DPA Test is applicable for Dynamic Pass Code Authentication
PLUS Test is applicable for the PLUS application
Fleet Any test applicable to “Visa DB/CR” is applicable to Fleet as well as
Chapter 11: Global Fleet Chip Tests.
PER TECHNOLOGY
VSDC Test is applicable for VSDC contact interface

qVSDC Test is applicable for qVSDC contactless interface (including
Streamlined qVSDC option)
MSD Test is applicable for MSD contactless interface (including both
dCVV and CVN17 options)
PER SPECIFICATION
VIS 1.4.1 Test is applicable to card products developed according to VIS 1.4.1
VIS 1.5.x Test is applicable to card products developed according to VIS 1.5.x
VCPS 1.4.2 Test is applicable to card products developed according to VCPS
1.4.2 (MSD Legacy)
VCPS 2.0.2 Test is applicable to card products developed according to VCPS
2.0.2
VCPS 2.1.x Test is applicable to card products developed according to VCPS
2.1.x
VMCPS 1.4.x Test is applicable to mobile products developed according to
VMCPS 1.4.x

VISA VSDC APPLET VERSION
VSDC 2.7.1 Test is applicable to Visa’s VSDC 2.7.1 Applet

VSDC 2.8.x Test is applicable to Visa’s VSDC 2.8.x Applet
VMPA 1.4.x Test is applicable to Visa’s VMPA 1.4.x Applet
ANY OTHER
Test is applicable only when certain criteria are met. These criteria are described per test case
in the “Applicability” section.
1.5.3 Test Selection Rules
The following rules apply to all test cases and are therefore not mentioned explicitly within
each test case:
 Where a mandatory data element is not present, tests on its format and value are not
possible. However, because these tests are applicable, the test result must be shown as
‘inconclusive’ (see also Section 1.6.1: Preliminary Validation Results).
1.6 Test Execution Phase
The tool performs all the tests that are applicable on the data retrieved from the card, which
may be categorized into three areas:
 Tests on Card Level—Performed once and focused on the data that exists at the card
level (ATR, PSE, PPSE, magnetic stripe data).
 Tests on Application Data—Performed on the data read from the application. Where
there were multiple applications on the card, the tests are repeated on the data from each
application.
 Consistency Tests—Where necessary, checks the consistency of data between
applications or between interfaces on the card (e.g., magnetic stripe vs. contact chip, or
contact vs. contactless chip).

The table below provides details of all possible conditions that may result from the execution
of a test case:
Table 1–1: Test Conditions

Condition Description
Passed The Pass Criteria was met in the test case. No error, warning or
observation messages were reported.
Action: None.
Passed with Observations The Pass Criteria was met in the test case. However, some minor
observations were noted that might affect the transaction performance
(e.g. the presence of optional data elements or unusual values in the
data).
Action: Test operator may analyze these items in an effort to ensure the
optimum performance of the personalized card.
Passed with Warnings Although the Pass Criteria was not met in the test case, the card may be
operational. However, some areas of concern were noted in its
personalization that could potentially lead to card
acceptance/interoperability problems.
Action: Test operator should analyze these issues prior to making the
final decision on the validation result. Based on the outcome, the
operator could make the determination that the test result has “Failed.”
Failed The Pass Criteria in the test case has not been met and the card is
therefore not personalized correctly, in accordance with the Product
Profile. Failure to resolve this issue will lead to card
acceptance/interoperability problems.
Action: The failure should be rectified.
Not applicable The test case is not applicable (the functionality being tested is not
supported by the card submitted for validation).
Action: None
Inconclusive The test case cannot be performed due to inappropriate execution
conditions, or due to problems with other related data elements.
Action: Test operator shall analyze all the Inconclusive test results prior
to determining the final decision on the validation result.
Execution error The test tool encountered an error during the execution of the test case.
Action: Test operator shall repeat the test.
All results of the tests are stored in the Test Report which the tool may use to determine the
preliminary validation result.

1.6.1 Preliminary Validation Results
The tool determines one of three preliminary validation results based on the outcome of the
tests in the Test Report, which are:
 Passed: The test cases in the Test Report all concluded with either a “Passed,” “Passed with
Observations” or “Not Applicable” result. None of the test cases concluded with a “Failed,”
“Passed with Warnings”, “Inconclusive” or “Execution Error” message.
Example 1:
 13 x Passed
 3 x Passed with Observation
 2 x Not Applicable
Conclusion: Passed
 Failed: At least one of the test cases in the Test Report has resulted in a “Failed” message.
Example 2:
 13 x Passed
 2 x Failed
 3 x Passed with Warnings
Conclusion: Failed
 Operator Analysis Required: Since the tool is unable to make a determination on the
preliminary validation results in all other cases (i.e. “Passed with Warnings,” “Inconclusive,”
and “Execution Error”), these specific cases will need to be further analyzed by the
Operator.
Example 3:
 13 x Passed
 1 x Passed with Observations
 4 x Passed with Warnings
Conclusion: Operator Analysis Required
NOTE: The final conclusion on the test results is made by the operator or the Visa
analyst.


2. Test Report Message Definitions

This section provides a list of all the Error, Warning and Observation messages that may
appear when any exception conditions occur while executing a test case during the Chip Card
Personalization Validation Process.
2.1 Test Report Messages Overview
A Test Report is created following the execution of the test cases and shall include the
information about all the test cases found in the Global Personalization Requirements Test
Cases document.
Error, warning and observation messages are defined by Visa and shall be included in the
report exactly as they are specified in this section. There are four severity levels for messages:
 Error Messages are included in the case of the failure of the corresponding test cases.
 Warning Messages indicate some important issues, which may not be directly related to
an error that might prevent the card from functioning in certain conditions and need to be
analyzed by the test operator (or the Visa staff involved in the Chip Card Validation
process).
 Observation Messages point to minor issues that can appear with the data on a card
(such as the presence of, or not found, optional data elements)
 Informational Messages may contain any information about the transaction flow,
execution of the test cases, or the relevant data.
The definition of Informational messages is out of scope of these requirements. However, if
used, they should not duplicate the Error, Warning or Observation messages defined in this
document.

2.2 Error Messages
2.2 Error Messages
2.2.1 General
E01. Invalid Length
E02. Invalid ISO 4217 code
E03. Missing mandatory data element
E04. All RFU bits shall be set to zero
E05. Data Element shall be encoded in TLV format
E06. Data Element shall be a constructed data object (template) and shall contain
valid TLV encoded element
E07. RFU value shall not be used
E08. Format not correct
E09. Unknown tag in constructed data object
E10. Invalid value (out of range)
E11. Invalid format
E12. Incorrect value
2.2.2 Data Element Specific

E51. Application Currency Code (Tag ‘9F42’) shall be present if CVM list conditions
require amount checks
E52. Application Currency Code (Tag ‘9F42’) shall match the value of Application
Currency Code (Visa Proprietary Data) (Tag ‘9F51’)
E53. Application Currency Code (Visa Proprietary Data) (Tag ‘9F51’) is missing when
required
E54. Application Currency Code (Visa Proprietary Data) (Tag ‘9F51’) shall match the
value of Application Currency Code (Tag ‘9F42’)
E55. The date shall be encoded in a valid format (YYMMDD) and the value shall be a
valid calendar date
E56. Application Effective Date (Tag ‘5F25’) shall be a date earlier than the Application
Expiration Date (Tag ‘5F24’) indicated
E57. Application Expiration Date (Tag ‘5F24’) shall be the last day of any given month
indicated (except 29 February)
E58. Application Expiration Date (Tag ‘5F24’) shall not be later than the expiration
date of the Issuer Public key certificate associated with SDA/DDA or offline
enciphered PIN
E59. Application File Locator (Tag ‘94’) Byte 1 Bit 3 to Bit 1 shall be zeroes
E60. Application File Locator (Tag ‘94’) Byte 1 (SFI) shall be coded correctly for the
terminal to access to using READ RECORD command
E61. Reserved for future use

E62. Application File Locator (Tag ‘94’) Byte 2 (first Record Number) shall not be ‘00’
and is lower than or equal to Byte 3 (last Record Numbers)
E63. Application File Locator (Tag ‘94’) Byte 4 ≤ Byte 3 - Byte 2 +1
E64. Application Identifier (AID) (Tag ‘4F’) shall be present in the first READ RECORD
response if PSE is supported
E65. Application Identifier (AID) (Tag ‘4F’) shall not be present in the File Control
Information (FCI) Proprietary Template (Tag ‘A5’)
E66. Application Interchange Profile (Tag ‘82’) Byte 1 Bit 4 (Terminal risk management
is to be performed) shall be set
E67. The length of the Currency Conversion Parameters must be a multiple of six
bytes
E68. Application Label (Tag ‘50’) shall contain only alphanumeric characters and
spaces (i.e. no punctuation, apostrophes, question marks, etc.)
E69. Application Label (Tag ‘50’) shall be in uppercase for all characters, or uppercase
for the first letter of each word followed by lowercase characters
E70. Application label should contain the “Visa”
E71. The limit must not be personalized if the associated counter is not supported by
the application
E72. Application Label should contain the word “Plus”
E73. Associated Data Element (Issuer Code Index Table (Tag ‘9F11’)) shall be
present if Application Preferred Name (Tag ‘9F12’) is present
E74. Application Template (Tag ‘61’) shall be present if PSE is present
E75. Associated Data Element (Issuer Country Code (Tag ‘5F28’)) shall be present if
Application Usage Control (Tag ‘9F07’) is present
E76. Application Usage Control (Tag ‘9F07’) Byte 1 bit 4 and 6 shall have the same
value and Byte 1 bit 3 and 5 shall have the same value if it is present
E77. Mandatory tag elements (Amount Authorized, Amount, Other, Terminal Country
Code, Terminal Verification Result, Transaction Currency Code, Transaction
Date, Transaction Type and Unpredictable Number) shall be present in Card
Risk Management Data Object List 1 (CDOL1) (Tag ‘8C’)
E78. Mandatory tag elements (Authorization Response Code, Amount Authorized,
Amount, Other, Terminal Country Code, Terminal Verification Result, Transaction
Currency Code, Transaction Date, Transaction Type and Unpredictable Number)
shall be present in Card Risk Management Data Object List 2 (CDOL2) (Tag
‘8D’) for cryptogram version 10
E79. Length of associated tags in the Card Risk Management Data Object List 1
(CDOL1) (Tag ‘8C’) and Card Risk Management Data Object List 2 (CDOL2)
(Tag ‘8D’) shall be correct
E80. Associated Data Element (Application Currency Code (Tag ‘9F42’)) shall be
present if Amount X (Bytes 1-4) and Amount Y (Bytes 5-8) are non-zero values in
the Cardholder Verification Method (CVM) List (Tag ‘8E’)
E81. Issuer Public Key Exponent shall be present if SDA, DDA, CDA, or Offline
Enciphered PIN are supported
E82. Application Expiration Date must not contain 29 February (leap year)
E83. Public Key Exponent value shall be 3 or 216 +1

2.2 Error Messages
E84. Issuer Public Key Remainder (tag 92’) shall be present if SDA, DDA, or Offline
Enciphered PIN is supported and length of Issuer Public Key Modulus (NI) is
greater than length of Certification Authority Public Key (NCA) minus 36
E85. Integrated Circuit Card (ICC) Public Key Remainder (Tag ‘9F48’) shall be present
if DDA is supported and length of ICC Public Key Modulus (Nic) is greater than
length of Issuer Public Key (NI) minus 42
E86. LCOL (Tag ‘9F58’) shall be lower than or equal to the UCOL (Tag ‘9F59')
E87. VLP Available Funds must be present
E88. Secondary Application Currency (Tag ‘9F76’) is missing
E89. Cryptogram Information Data (Tag ‘9F27’) most significant nibble value shall be
0, 4 or 8
E90. AAR (Bit 8 and 7 of CID is set) is an invalid cryptogram type for the Visa cards
present if Cumulative Total Transaction Amount Limit (Tag ‘9F54’) is present
E93. Application Currency Code (Tag ‘9F51’) shall be present if Currency Conversion
is to be performed by the card
E94. Currency Conversion Parameters (Tag ‘9F73’) shall be present if Currency
Conversion is to be performed by the card
E95. Mandatory data element Tag ‘9F37’ (Unpredictable Number) shall be present in
the Dynamic Data Authentication Data Object List (DDOL) (Tag ‘9F49’) if DDA is
supported
E96. Signed Dynamic Application Data (Tag ‘9F4B’) length shall be the same the ICC
Public Key Modulus length
E97. Signed Static Application Data (SSAD) (Tag ‘93’) length shall be the same the
Issuer Public Key Modulus length
E98. Mandatory Data Element shall be present if DDA is supported
E99. Mandatory Data Element shall be present if SDA is supported
E100. File Control Information (FCI) Issuer Discretionary Data (Tag ‘BF0C’) shall be
encoded in File Control Information (FCI) Proprietary Template (Tag ‘A5’) if it is
present
E101. Mandatory Data Element shall be present if CDA is supported
present if international velocity check is supported
E103. Card Authentication Related Data must be contained in the last record returned
by the AFL
E104. Recovered Signed Dynamic Application Data ICC Dynamic Data Length shall not
be zero
E105. ICC Public Key Certificate length shall be equal to the length of Issuer Public Key
Modulus
E106. Both Application Default Action (Tag ‘9F52’) Byte 1 Bit 6 and Issuer
Authentication Indicator (Tag ‘9F56’) shall not be set to ‘1’ at the same time.
E107. Issuer Code Table Index (Tag ‘9F11’) shall be in the range of ’01’ – ‘10’ (i.e.
shall correspond with the 10 parts of ISO 8859)
E108. Card Additional Processes Byte 2, bit 7 must be set to 0

E109. Card Additional Processes, Byte 1, bit 3 must be set to 1

E110. Invalid ISO3166 value
E111. Issuer Country Code (Tag ‘5F28’) shall be present if Application Usage Control
(Tag ‘9F07’) is present.
E112. Issuer Country Code (Tag ‘5F28’) shall match the value of Visa Issuer Country
Code (Tag ‘9F57’)
E113. Issuer Country Code (Visa Proprietary Data) (Tag ‘9F57’) shall match the value
of Issuer Country Code (Tag ‘5F28’)
E114. Invalid ISO639 code
E115. Issuer Action Code – Default (Tag ‘9F0D’) shall be configured to decline a
transaction if there is data authentication failure and terminal is unable to go
online
E116. Issuer Action Code – Online (Tag ‘9F0F’) shall be configured to force online if
there is data authentication failure or data authentication is not performed
E117. Language Preference (Tag ‘5F2D’) shall be encoded in lowercase alphabetical
characters only
E118. Mandatory Data Element shall be present if Offline Data Authentication or Offline
Enciphered PIN (without a dedicated PIN Encipherment Key) is supported
E119. Log Entry (Tag ‘9F4D’) Byte 1 (SFI) shall be in range 11 to 30
E120. Lower Consecutive Offline Limit (Tag ‘9F14’) shall be lower than or equal to the
Upper Consecutive Offline Limit (Tag ‘9F23’)
E121. CTCL (Tag ‘9F58’ or 'DF21' in 'BF56') shall be lower than or equal to the CTCUL
(Tag ‘9F59’ or 'DF31' in 'BF56')
E122. Upper Consecutive Offline Limit (Tag ‘9F23’) shall be greater/higher than the
Lower Consecutive Offline Limit (Tag ‘9F14’)
E123. Issuer Country Code (Visa Proprietary Data) is missing when required
E124. Service Code (Tag ‘5F30’) shall be coded with valid values according to the
Payment Technology Standards Manual
E125. Application Usage Control (Tag ‘9F07’) must contain the same value across all
supported qVSDC paths
E126. Magnetic Stripe content and encoding shall conform to ISO/IEC 7813 and Visa
Payment Technology Standards Manual requirements
E127. Last Online ATC Register (Tag ‘9F13’) is missing
E128. Track 2 Equivalent Data (Tag ‘57’) – Primary Account Number shall not be
greater than 19 digits
E129. rack 2 Equivalent Data (Tag ‘57’) – Field separator shall be half-byte ‘D’
E130. Track 2 Equivalent Data (Tag ‘57’) – Expiration Date shall be encoded in YYMM
format
E131. Track 2 Equivalent Data (Tag ‘57’) – Service Code shall be 3 digits long and first
digit shall be 2 or 6 (international or domestic cards using alternate technology
(EMV-compliant integrated circuit card containing VSDC applications))
E132. Track 2 Equivalent Data (Tag ‘57’) – Discretionary Data - Padding shall be limited
to one ‘F’
E133. Transaction Certificate Data Object List (TDOL) (Tag ‘97’) shall not be present
(or used) if Cryptogram Version Number is 10, 12 or 14

2.2 Error Messages
E134. Length of each sub tag elements in Transaction Certificate Data Object List
(TDOL) shall be correct
E135. Track 1 shall be present on the Magnetic Stripe
E136. Track 1 Magnetic Stripe Data shall not exceed 79 characters
E137. Track 1 PAN shall match with Track 2 PAN
E138. Track 1 Card Expiration Date shall match with Track 2 Card Expiration Date
E139. Track 1 Service Code shall match with Track 2 Service Code
E140. Track 2 shall be present on the Magnetic Stripe
E141. Track 2 Magnetic Stripe Data shall not exceed 40 characters
E142. Warm and Cold ATR (T0/T1) shall be EMV compliant
E143. Track 2 Equivalent Data (Tag ‘57’) – Discretionary Data field shall be dCVV (n3)
+ ATC (n4) + Contactless Indicator (n1) in a range of 1-9
E144. The Length of the ADA shall be 2 if the Application Version Number is up to
1.3.2, may be 2 or 4 if the Application Version Number is 1.4.0 and shall be 4 if
the Application Version Number is greater than 1.4.0
E145. For PLUS application, the CVM list shall only contain Online PIN
E146. For dynamic pass code authentication application, the CVM list shall contain
Offline plaintext PIN
E147. ICC PIN Encipherment Public Key Certificate Missing
E148. Forbidden value in AIP: Cardholder Verification must be supported, Byte 1 bit 5
must be set to 1
E149. In case of a PLUS contact application, Byte 1, bit 2 and bit 8 and optionally bit 7
shall be set to 1
E150. International cash back not allowed for this product; byte 2 bit 7 set to 1
E151. Missing Data Objects Required for the Retrieval of the ICC PIN Encipherment
Public Key (EMV 4.3, Book 2, Table 24)
E152. In case of a PLUS contactless application, Byte 1, bit 8 and optionally bit 7 shall
be set to 1
E153. Value reach maximum
E154. VLP Reset Threshold (Tag ‘9F6D') is NOT less than or equal to the VLP Funds
Limit (Tag '9F77’ or ‘DF71’ in ‘BF55’)
E155. Application PAN Sequence Number (Tag ‘5F34’) must contain the same value
across all supported contact and contactless paths
E156. Application Priority Indicator must be present in FCI of applications on a multi-
application card
E157. Different applications must not use the same Application Priority Indicator
E158. The value of Application Currency Exponent must correspond to the given
Application Currency Code as specified in ISO 4217
E159. FCI Issuer Discretionary Data contains invalid data
E160. Data element missing when issuer wants the velocity check to be supported
E161. The associated Consecutive Transaction counter (CTC) must be present
E162. Format Factor Indicator (Tag '9F6E') must contain the same value across all
supported contactless paths

E163. Contactless Transaction Counter Lower Limit (CLTCLL) (Tag ‘DF21 in BF 55’)
shall be lower than or equal to the Contactless Transaction Counter Upper Limit )
(CLTCUL) (Tag ‘DF31 in BF55’)
E164. Contactless Transaction Counter Upper Limit (CLTCUL) (Tag ‘DF31 in BF55’) is
not greater/higher than the Contactless Transaction Counter Lower Limit
(CLTCLL) (Tag ‘DF21 in BF55’)
E165. Consecutive Transaction Counter International Country must be present if any
associated card velocity checks are to be performed
E166. Tags not defined for inclusion are present in the International Counters Data
Template
E167. Tags not defined for inclusion are present in the Counters Data Template
E168. Tags not defined for inclusion are present in the Contactless Counters Data
Template
E169. Cumulative Total Transaction Limit (CTTAL) (Tag ‘9F54 or DF21 in BF58’ ) shall
be present if Cumulative Total Transaction Upper Limit (CTTAUL) (‘9F5C or
DF31 in BF58’) is present
E170. Associated Data Element (Consecutive Transaction Counter International (CTCI)
(Tag ‘DF11 in BF57’)) shall be present if International velocity check is supported
E171. Consecutive Transaction Counter International must be present if any associated
card velocity checks are to be performed
E172. Mandatory tag elements (Amount Authorized, Amount, Other, Terminal Country
Code, Terminal Verification Result, Transaction Currency Code, Transaction
Date, Transaction Type and Unpredictable Number) shall be present in Card
Risk Management Data Object List 1 (CDOL1) (Tag ‘8C’) for cryptogram version
18
E173. Missing Conversion Currency code (part of Tag ‘9F73’)
Amount, Other, Terminal Country Code, Terminal Verification Result, Transaction
Currency Code, Transaction Date, Transaction Type and Unpredictable Number)
shall be present in Card Risk Management Data Object List 2 (CDOL2) (Tag
‘8D’) for cryptogram version 18 with Issuer Authentication not supported
E175. Byte 1 bit 3-1 must be zeros 8. Value of first Record Number (Byte 2) cannot
equal ‘00’
E176. Value of Byte 4 must be ‘00’
E177. Missing mandatory data Element (‘4F’) in response to Select PPSE
E178. Low Value Check supported but Card Additional Processes bit (Byte 1, bit 8 = 1)
is not set
E179. Low Value and CTTA Check supported but Card Additional Processes bit (Byte
1, bit 7 = 1) is not set
E180. dCVV placeholder value in Tag 57 must be ‘999’
E181. CTCIL (Tag ‘9F53’ or ‘DF21’ in ‘BF57’) shall be lower than or equal to CTIUL
(Tag ‘9F5E’ or ‘DF71’ in ‘BF57’)
E182. CTCICL (Tag ‘9F72’ or ‘DF61’ in ‘BF57’) shall be lower than or equal to CTIUL
(Tag ‘9F5E’ or ‘DF71’ in ‘BF57’)
E183. CLTCLL (Tag ‘DF21’ in ‘BF55’) shall be lower than or equal to CLTCUL (Tag
‘DF31’ in ‘BF55’)

2.2 Error Messages
E184. CTTAL (Tag ‘9F54’ or ‘DF21’ in ‘BF58’) shall be lower than or equal to CTTAUL
(Tag ‘9F5C’ or ‘DF31’ in ‘BF58’)
E185. VLP Reset Threshold (Tag ‘DFA1’ in ‘BF55’) shall be lower than or equal to VLP
Funds Limit (Tag ‘9F77’ or ‘DFB1’ in ‘BF55’)
E186. When VLP Reset Threshold (Tag ‘DFA1’ in ‘BF55’) is present, VLP Funds Limit
(Tag ‘9F77’ or ‘DFB1’ in ‘BF55’) must be present
Amount, Other, Terminal Country Code, Terminal Verification Results,
Transaction Currency Code, Transaction Date, Transaction Type, Unpredictable
Number, and Issuer Authentication Data) shall be present in Card Risk
Management Data Object List 2 (CDOL2) (Tag ‘8D') for cryptogram version 18
with Issuer Authentication support
E188. Issuer Country Code (Tag ‘5F28') must contain the same value across all
supported contact and contactless paths
E189. Track 1 Discretionary Data (Tag ‘9F1F') must contain the same value across all
supported MSD contactless paths
2.2.3 Application Data Structure Specific

E301. All the data elements marked as Mandatory or Required and can be retrievable
with READ RECORD command and shall be present in the records of the
application
E302. Primitive data elements shall not be returned more than once for a transaction
E303. Card shall respond to a READ RECORD command with File Number and Record
Number defined in the AFL
E304. Data Elements shall not be present in the records if they are not retrievable by
READ RECORD command
E305. GET PROCESSING OPTIONS response should only contain Application
Interchange Profile and Application File Locator
E306. GENERATE AC response should only contain Cryptogram Information Data,
Application Transaction Counter, Application Cryptogram, Issuer Application Data
E307. Unexpected data element in the template
E308. Unable to read records

2.2.4 Data Authentication Specific

E351. Recovered Data Trailer shall be ‘BC’
E352. Recovered Data Header shall be ‘6A’
E353. Recovered Issuer Public Key Certificate Format shall be ‘02’
E354. Recovered Issuer Public Key Certificate Issuer Identification Number (IIN) shall
match the first 6 digits of the PAN and padded to the right with hexadecimal ‘F’s
E355. Recovered Issuer Public Key Certificate Expiration Date shall be encoded in
MMYY format and shall not be earlier than Application Expiration Date (Tag
‘5F24’) and the revocation date of the Certification Authority Public Key pair used
to produce the Issuer Public Key Certificate
E356. Recovered Hash Result shall match the same calculated hash result
E357. Recovered Public Key Certificate Issuer Public Key Algorithm Indicator shall be
‘01’ (RSA Algorithm)
E358. At least one record shall be indicated to be used for Offline Data Authentication
which is required for the generation of Signed Static Application Data
E359. Recovered ICC Public Key Certificate Format shall be ‘04’
E360. Recovered ICC Public Key Certificate Expiration Date shall be encoded in MMYY
format and shall not be earlier than Application Expiration Date (Tag ‘5F24’)
E361. Recovered ICC Public Key Certificate Application PAN shall match with the
Application PAN and padded to the right with hexadecimal ‘F’s
E362. Recovered Signed Static Application Data Signed Data Format shall be ‘03’
E363. Recovered Signed Dynamic Application Data Signed Data Format shall be ‘05’
E364. Recovered Signed Dynamic Application Data ICC Dynamic Data Length shall
represent the actual length of ICC Dynamic Data
E365. Recovered Signed Dynamic Application Data Pad Pattern shall be (Length of ICC
Public Key Modulus – ICC Dynamic Data – 25) long and shall be padded with
values of ‘BB’
E366. Application Interchange Profile (AIP) (Tag ‘82’) Byte 1 Bit 2 (Combined DDA/AC
Generation Supported) shall be set if CDA is supported
E367. ICC Response shall be coded according to Format 2 of GENERATE AC
Command (constructed data object with Tag ‘77’) if CDA is supported
E368. Cryptogram Information Data (Tag ‘9F27’) shall indicate a TC or ARQC in the
response to the GENERATE AC command if CDA is supported
E369. Cryptogram Information Data (Tag ‘9F27’), Application Transaction Counter (Tag
‘9F36’) and Signed Dynamic Application Data (Tag ‘9F4B’) shall be present in
response to the GENERATE AC command if CDA is supported
E370. dCVV value must change on each transaction
E371. Outdated expiration date of the Issuer Public key certificate
E372. The card does not respond to a valid GENERATE AC command with CDA
E373. The card does not respond to a valid Internal Authenticate command
E374. PIN Enc Public Key Certificate length shall be equal to the length of Issuer Public
Key Modulus
E375. Recovered Transaction Data Hash codes shall match the calculated Transaction
Data Hash codes

2.2 Error Messages
E376. Recovered Signed Dynamic Application Data Signed Data Format shall be ‘95’ for
online authorization requests
E377. CA Public Key Index is missing
2.2.5 Application Selection Specific

E401. ICC shall respond to Select command with valid Visa AID
E402. Single application cards shall not have an AID with suffix
E403. Mandatory data elements FCI template (Tag ‘6F’), DF Name (Tag ‘84’), FCI
proprietary template (Tag ‘A5’) and SFI of the directory elementary file (Tag ‘88’)
shall be present in Select PSE response if PSE is supported
E404. Short File Identifier (SFI) (Tag ‘88’) shall be in range of 1 to 10
E405. Each record in the Payment System Directory shall be a constructed data object
with Tag ‘70’ containing one or more Application Templates (Tag ‘61’)
E406. Application Template (Tag ‘61’) shall be encoded in ADF Directory Format
according to EMV4.1 Book 1
E407. Application Template (Tag ‘61’) shall contain ADF Name (Tag ‘4F’) and
Application Label (Tag ‘50’)
E409. Applications listed in PSD shall be selectable using its respective DF Name
E410. All Visa applications must be listed in PSE. (i.e. valid Visa AID)
E411. DF Name in the FCI of ADF shall be the same as ADF name indicated in PSE
E412. Mandatory data elements FCI template (Tag ‘6F’), DF Name (Tag ‘84’) and FCI
Proprietary Template (Tag ‘A5’) shall be present in SELECT response
E413. Dedicated File (DF) Name (Tag ‘84’) in the response shall be the same value sent
in the SELECT Command
E414. Multiple payment applications cards shall support partial name selection and shall
support SELECT NEXT command
E415. DF Name (Tag ‘84’) in the FCI response to Select Next command shall be
consistent with the partial DF name indicated in the Select Next command
E416. Primary Account Number on the magnetic stripe or embossed on the card is
identical to the Primary Account Number of the default Visa application when used
internationally on the chip
E417. Visa application shall have higher priority than the Visa Electron application if both
applications are present
E418. Primary Account Number on the magnetic stripe or embossed card shall be
identical to the PAN of the Visa application on the chip if Visa Electron application
is present too
E419. A default Visa application is defined to allow terminal to select by default without
Cardholder confirmation
E420. qVSDC using Country Code to Determine Domestic/International Check
supported but Card Additional Processes bit (Byte 2, bit 8 = 1) is not set
E421. Card does not respond to the Select command

2.2.6 Cardholder Verification Method Specific

E451. Cardholder Verification Method List must be present on all Visa contact chip cards
and Byte 1, Bit 5 of the Application Interchange Profile shall be set
E452. “No CVM required” must be the last CVM in the CVM List
E453. Visa Credit and Electron application shall not support PIN-based cardholder
verification method in the CVM List only
E454. Visa Credit and Electron application shall support “Signature” cardholder
verification method in the CVM List
E455. CVM List set up shall allow an accepting device that only supports Online PIN to
process the CVM
E456. CVM List set up shall allow an accepting device that only supports Signature to
process the CVM
E457. CVM List set up shall allow an accepting device that only supports No CVM to
process the CVM
E458. Recovered ICC PIN Encipherment Public Key Certificate Format shall be ‘04’
E459. Recovered ICC PIN Encipherment Public Key Certificate Expiration Date shall be
encoded in MMYY format and shall not be earlier than Application Expiration Date
(Tag ‘5F24’)
E460. Recovered ICC PIN Encipherment Public Key Certificate Application PAN shall
match with the Application PAN and padded to the right with hexadecimal ‘F’s
E461. Visa DPA application shall support “Offline Plaintext PIN” cardholder verification
method in the CVM List
E462. “Signature” shall be present in the CVM List
E463. “PIN, Always” must not be the only CVM in the CVM List
E464. The first CVM in the CVM List must not be set to always fail CVM processing
2.2.7 Magnetic Stripe and Chip Data Correlation Specific

E501. Track 1 PAN shall match with Application Primary Account Number (Tag ‘5A’) on
the chip
E502. Track 1 Cardholder name shall match with Cardholder Name (Tag ‘5F20’) on the
chip
E503. Track 1 Expiration Date shall match with Application Expiration Date (Tag ‘5F24’)
on the chip
E504. Track 1 Service Code shall match with Service Code (Tag ‘5F30’) (if present) on
the chip
E505. Reserved for Future Use
E506. Track 1 PAN shall match the Application Primary Account Number (Tag ‘5A’) of
the default application if there are multiple Visa application
E507. Track 1 Discretionary Data shall differ with Track 1 Discretionary Data (Tag
‘9F1F’) by 3 consecutive digits due to iCVV
E508. Track 2 PAN shall match with PAN in Track 2 Equivalent Data (Tag ‘57’) and
Application Primary Account Number (Tag ‘5A’) on the chip

2.2 Error Messages
E509. Track 2 Expiration Date shall match Expiry Date in Track 2 Equivalent Data (Tag
‘57’) and Application Expiration Date (Tag ‘5F24’) on the chip
E510. Track 2 Service Code shall match with Service Code in Track 2 Equivalent Data
(Tag ‘57’) and Service Code (Tag ‘5F30’) on the chip
E511. Track 2 PAN shall match the Application Primary Account Number (Tag ‘5A’) of
the default application if there are multiple Visa application
E512. Track 2 Discretionary Data shall match with Discretionary Data in Track 2
Equivalent Data (Tag ‘57’) on the chip except for 3 consecutive digits due to iCVV
E513. Track 2 Discretionary Data shall differ with Discretionary Data in Track 2
Equivalent Data (Tag ‘57’) on the chip by 3 consecutive digits unless iCVV is not
supported by the issuer
E514. Track 1 Cardholder Name shall match the Cardholder Name data element (Tag
‘5F 20’) of the VSDC application
E515. Track 2 PIN Verification Data shall match with PIN Verification Data (if present) in
Track 2 Equivalent Data (Tag ‘57’)
E516. Track 1 PAN shall match with Application Primary Account Number (Tag ‘5A’) (if
present) on the chip
E517. Track 1 Cardholder name shall not match with Cardholder Name (Tag ‘5F20’) (if
present) on the chip
E518. Track 1 Expiration Date shall match with Application Expiration Date (Tag ‘5F24’)
(if present) on the chip
E519. Track 1 Service Code shall match with Service Code (Tag ‘5F30’) (if present) on
the chip
E520. The 3 consecutive CVV digits of the Track 2 Discretionary Data on the magnetic
stripe must not match with those same digits in the Discretionary Data portion of
the Track 2 Equivalent Data (Tag ‘57') on the chip
2.2.8 VLP Specific

E551. Required VLP data element not present
E552. Required VLP associated data elements not present
E553. Required VLP data elements not present in PDOL
E554. VLP Reset Threshold is equal to or higher than the VLP Funds Limit
2.2.9 DPA Specific

E571. DPA PAN does not match Visa payment application PAN
E573. DPA PIN does not match Visa payment application PIN

2.2.10 Mobile Specific

E601. Mandatory data elements FCP Template (Tag ‘6F’), File Descriptor (Tag ‘82’), DF
Name (Tag ‘84’), Life Cycle Status integer (Tag ‘8A’), Security Attributes (Tag
‘8C’), and PIN Status Template DO (Tag ‘C6’) shall be present in SELECT FCP
response in ETSI TS 102.221 specified order
E603. Mandatory data element DF Name shall be present in File Control Parameters.
E604. First 5 bytes of DF Name must match Visa RID
E605. Mandatory data element Life Cycle Status shall be present in File Control
Parameters
E606. Card must be in Operational State or in Initialization State
E607. Form Factor Indicators should correctly display that the device is mobile and ISO
14443 compliant
E608. Recovered Signed Static Application Data Signed Data Format shall be ‘93’ for
mobile applications
E609. Mobile payment application should indicate contactless only
E610. Card support for Consumer Device CVM is missing when issuer wants the
Consumer Device CVM to be supported
E611. Reference Passcode must be personalized if card supports Consumer Device
CVM
E612. Card must support Issuer Update Processing in Card Additional Processes (Tag
‘9F68’) if it was indicated in Card Transaction Qualifiers (Tag ‘9F6C’)
E613. Mobile Messaging Related Data must be present if Issuer Update Processing is to
take place over-the-air
E614. Toolkit Application Identifier must be present if Issuer Update Processing is to
take place over-the-air
E615. MSISDN Tag must be present if Issuer Update Processing is to take place over
the air
E616. Mobile Application Identifier must be present if Issuer Update Processing is to be
supported over-the-air
E617. BIN should be consistent in Mobile Application Identifier and PAN
E618. Contactless indicator shall be set
E619. Associated Data Element (Application Currency Code (Tag ‘9F 51’)) shall be
present if international velocity check or offline qVSDC transactions are supported
E620. Application data element inconsistent across transaction paths
E621. Card Transaction Qualifiers must indicate support for 2nd tap Issuer Update
Processing if device is to support this
E622. The Card Authentication Related Data must be contained in the last record
returned by the AFL
E623. For two consecutive MSD transactions, the Card Verification Value section of the
Track 2 Equivalent Data is the same (dCVV is not supported)
E624. PDOL does not contain the correct values

2.3 Warning Messages
2.3.1 General
W01. Velocity checking not supported so data element is not required
W02. Unexpected data element in the template
W03. The length of the tag is zero, no data present for this tag
W04. List containing unknown tag (will be zero filled by the terminal)
W05. Length field must match the actual number of bytes in the value field

W51. The currency code (or value) used should correspond to the currency used by the
issuing country indicated
W52. Tags not defined for inclusion are present in the Counters Data Template
W53. Application Expiration Date (Tag ‘5F24') should be later than the Application
Effective Date (Tag ‘5F25')
W54. Valid PAN for Visa Application should start with a “4”
W55. Ensure SDA Tag List is in the signature generation if the SDA Tag List is
personalized on the card
W56. Integrated Circuit Card (ICC) Manufacturer should not be equal to ’00 00’
W57. Integrated Circuit (IC) Fabricator should not be equal to ’00 00’
W58. Integrated Circuit (IC) Module Fabricator should not be equal to ’00 00’
W59. Integrated Circuit (IC) Personalization Equipment Identifier should not be equal to
’00 00 00 00’
W60. Integrated Circuit (IC) Personalizer should not be equal to ’00 00’
W61. Integrated Circuit (IC) Type should not be equal to ’00 00’
W62. Integrated Circuit (IC) Pre-Personalization Equipment Identifier should not be
equal to ’00 00 00 00’
W63. Integrated Circuit (IC) Pre-Personalizer should not be equal to ’00 00’
W64. Integrated Circuit (IC) Serial Number should not be equal to ’00 00 00 00’
W65. Operating System Provider Identifier should not be equal to ’00 00’
W66. Card CVM Limit should not be present or, when present, it must contain the
maximum possible value
W67. Cardholder Name from magnetic stripe must not match with Cardholder Name
(Tag ‘5F 20’)
W68. Application Interchange Profile (Tag ‘82') should have a recommended value of
'0040'
W69. Issuer Country Code (Tag ‘5F28’) should match with the value of Application
Currency Code (Tag ‘9F42’)
W70. Data elements listed in Log Format (Tag ‘9F4F’) shall be valid (recognized) Tag or
Length

W71. Both the Lower Consecutive Offline Limit (Tag ‘9F14’) and the Upper Consecutive
Offline Limit (Tag ‘9F23’) should be present
W72. LCOL (Tag ‘9F14’) should not be present if LCOL (Tag ‘9F58’) is present
W73. PIN Try Counter (Tag ‘9F17’) should not have value of ‘00’ which indicates PIN
Blocked
W74. Data elements listed in Processing Options Data Object List (Tag ‘9F38’) shall be
valid (recognized) Tag or Length. Terminal will zero fill the values for
unrecognized tags
W75. Upper Consecutive Offline Limit (Tag ‘9F23’) should be present if Lower
Consecutive Offline Limit (Tag ‘9F14’) is present
W76. UCOL (Tag ‘9F23') should not be present if UCOL (Visa Proprietary Data)
(Tag ‘9F59') is present
W77. Data elements recommended for inclusion in the signature are not present
W78. Data Element should be present if SDA, DDA, or CDA is supported
W79. Track 2 Discretionary Data (Tag ‘9F20’) should not be present in READ RECORD
response
W80. Derivation Key Index should not equal zero
W81. Exponent 3 should be used, as exponent 216+1 increases transaction time
W82. This data is not retrievable with the Get data command
W83. The Application Expiration Date on your card is set to February 29, 2012 (or
February 29, 2016), a Leap Year. Please note that it has been reported that some
terminals in the field will terminate transactions from cards having these expiration
dates.
W84. List containing tags not in the list for cryptogram version 10, may cause Issuer
authentication failure
W85. Format 2 response should not be present since the card is not supporting CDA
W86. LCOL (Tag ‘9F14') should not be present if CTCL (Tag ‘9F58' or ‘DF21 in BF56’)
is present
W87. It is recommended that the application support domestic cash back
W88. It is recommended that the card not be set to decline online approved transactions
when Issuer Authentication fails
W89. Bit 8 of the Application Priority Indicator is set to 1; there is a risk of non-
acceptance of the card, as some terminals do not support cardholder confirmation
W90. Should not be present, as not supported in this version of VIS
W91. The Visa Credit application is configured to enable domestic cash back, check if
this is allowed for this card
W92. Missing Data Element at the “card” and the “application” level
W93. UCOL (Tag ‘9F59’) should be between 5 and 12
W94. Value of LCOL (Tag ‘9F14’) not matching LCOL (Tag ‘9F58’)
W95. The value of the LCOL (Tag ‘9F14’) is higher than recommended (i.e. 5)
W96. Length of PIN Enc Public Key not multiple of 16 and may cause interoperability
issues
W97. Length of ICC Public Key not multiple of 16 and may cause interoperability issues.

W98. Length of Issuer Public Key not multiple of 16 and may cause interoperability
issues
W99. CTCUL (Tag ‘9F59’ or 'DF31 in BF56') is too low
W100. Visa Proprietary Data Element should be retrieved using GET DATA command
W101. Cards with ATR where 2nd byte of historical bytes is equal to ‘04’ could be rejected
on certain French terminals
W102. It is recommended that Application Usage Control (Tag ‘9F07’) should be present
in the card although this data element is optional
W103. Data on the Contact and Contactless Interface are different
W104. Please note that a small number of terminals may decline the transaction if
Cardholder Name is not present
W105. CTCL (Tag ‘9F58’ or 'DF21 in BF56') should be present when CTCUL (Tag ‘9F59’
or ‘DF31 in BF56’) is present
W106. Contactless Transaction Counter Lower Limit (CLTCLL) (Tag ‘DF21 in ‘BF55’)
shall be present if Contactless Transaction Counter Upper Limit (CLTCUL) (Tag
‘DF31 in ‘BF55’) is present
W107. Contactless Transaction Counter Lower Limit (CLTCLL) (Tag ‘DF21 in ‘BF55’)
shall be present if Contactless Transaction Counter (CLTC) (Tag ‘DF11 in ‘BF55’)
is present
W108. Both LCOL (Tag ‘9F58’) and UCOL (Tag ‘9F59’) should be present
W109. Recommended that Cumulative Total Transaction Upper Limit (CTTAUL) (Tag
‘9F5C’ or DF31 in BF58’) be personalized if Cumulative Total Transaction Amount
(CTTA) (Tag ‘9F54’ or DF31 in BF58’)
W110. Recommend either Consecutive Transaction Counter International Limit or
Consecutive Transaction Counter International Country Limit should be present if
the Consecutive Transaction Counter International Upper Limit (CTIUL) is present
on the card. It is recommended that Consecutive Transaction Counter Limit
(CTCL) (Visa Lower Consecutive Offline Limit) (Tag ‘9F58’ or 'DF21' in 'BF56’)
shall also be present
W111. Either Consecutive Transaction Counter International Country Limit or
Consecutive Transaction Counter International Limit should be present if
Consecutive Transaction International Upper Limit is personalized on the card
W112. Contactless Transaction Counter Lower Limit (CLTCLL) (Tag ‘DF21 in BF55’)
shall be present if Contactless Transaction Counter Upper Limit (CLTCUL) (Tag
‘DF31 in BF55’) is present
W113. Low value for Contactless Transaction Counter Upper Limit (CLTCUL)
W114. Possible incorrect value, please review specifications
W115. Possible invalid SFI (Byte 1) value, please review specifications
W116. Possible invalid Record Number (Byte 2 and Byte 3), please review specifications
W117. Data element should be present if SDA is supported with DDA or CDA
W118. Track 2 Discretionary Data should match with Discretionary Data in Track 2
Equivalent Data (Tag ‘57’) on the chip except for 3 consecutive digits due to
CVV/iCVV
W119. A Visa Electron application should literally include ELECTRON” or “Electron”
within the Application Label

W120. UCOL (Tag ‘9F23') should not be present if CTCUL (Tag ‘9F59' or ‘DF31 in BF56’)
is present
W121. Application Interchange Profile (Tag ‘82’) does not contain the recommended
value
W122. If the Issuer implements Issuer Scripting, it is recommended to set byte 2 bit 4 of
the ADA (if Issuer Script failed, transmit transaction online)
W123. W123 Effective 1 October 2015, any new or replacement card must not support
SDA for contact chip transactions, with the following exceptions:
– Australia and New Zealand: 1 January 2016
– Brazil: 1 October 2016
– Japan: 1 October 2018
W124. Application Interchange Profile (Tag ‘82') should have a recommended value of
'0000'
W125. If Cardholder Name is present, at a minimum it should contain a ‘Space’ and
‘Forward Slash (/)
W126. The value of the LCOL should be between 3 and 10
W127. LCOL (Tag ‘9F58’) should also be present if the UCOL (Tag ‘9F59’) is present
W170. Cumulative Total Transaction Limit (CTTAL) (Tag ‘9F54 or DF21 in BF58’ ) should
be present if Cumulative Total Transaction Upper Limit (CTTAUL) (‘9F5C or DF31
in BF58’) is present
W171. Since Issuer Authentication is supported, the Issuer Authentication Indicator is
should be personalized on this card
W172. Single application cards should not have an AID with suffix
W173. When Card Additional Processes (Tag ‘9F68’) Byte 1, Bit 7 is set, it is highly
recommended that Cumulative Total Transaction Upper Limit (Tag ‘9F5C’) be
personalized
W174. Value not matching Consecutive Transaction Counter Limit (CTCL) (Tag ‘9F58' or
‘DF21 in BF56')
W175. The value of CTCL should be between 3 and 10
W176. CTIUL (Tag ‘9F5E’ or ‘DF71’ in ‘BF57’) is too low
W177. CLTCUL (Tag ‘DF31’ in ‘BF55’) is too low
W178. Both CTCL (Tag ‘9F58’ or 'DF21’ in ‘BF56') and CTCUL (Tag ‘9F59’ or ‘DF31’ in
‘BF56’) should be present
W179. Both CTCIL (Tag ‘9F53’ or ‘DF21’ in ‘BF57’) and CTIUL (Tag ‘9F5E’ or ‘DF71’ in
W180. Both CTCICL (Tag ‘9F72’ or ‘DF61’ in ‘BF57’) and CTIUL (Tag ‘9F5E’ or ‘DF71’ in
W181. Both CLTCLL (Tag ‘DF21’ in ‘BF55’) and CLTCUL (Tag ‘DF31’ in ‘BF55’) should
be present
W182. Both CTTAL (Tag ‘9F54’ or ‘DF21’ in ‘BF58’) and CTTAUL (Tag ‘9F5C’ or ‘DF31’
in ‘BF58’) should be present
W183. Both VLP Reset Threshold (Tag ‘DFA1’ in ‘BF55’) and VLP Funds Limit (Tag
‘9F77’ or ‘DFB1’ in ‘BF55’) should be present
W184. CTCUL (Tag ‘9F59’ or 'DF31’ in ‘BF56') should be between 5 and 12

2.4 Observation Messages
W185. Cardholder Name (Tag ‘5F20’) should contain the same value across all
W186. Customer Exclusive Data (Tag ‘9F7C') should contain the same value across all
2.3.3 Application Selection Specific

W201. Optional data elements not recognized or identified to be in the Payment System
Directory should not be present
W202. Data elements (if present) in the ADF Directory Entry shall be also be present in
FCI Proprietary Template (Tag ‘A5’) and shall have identical values
W203. Visa application does not have highest priority. The highest priority application
must be domestic
2.3.4 DPA Specific

W301. DPA Application Label does not conform to the Visa recommended value
2.3.5 Consistency
W351. Issuer to check if the value of these data elements is correct
W401. Card Transaction Qualifier should contain the Visa recommended value

O51. It is recommended that Public Key Exponent value should be set to ‘03’ as 216 +1
increases transaction time
O52. The Application Priority Indicator is set to zero
O53. Since the Cardholder Verification Method List does not specify any amount
checks, the Application Currency Code is not required to be personalized on this
card
O54. Since neither velocity checks support nor VLP support is indicated in the Product
Profile, the Application Currency Code (visa Proprietary Data) is not required to
be personalized on this card
O55. Since neither Offline Data Authentication nor Offline Enciphered PIN is
supported, the CA Public Key Index is not required to be personalized on this
card
O56. Since the Passcode is not supported, the Passcode Try Counter is not required
to be personalized on this card
O57. Reserved for future use

O58. Since International Country velocity check is not supported, the Consecutive
Transaction Limit (International – Country) is not required to be personalized on
this card
O59. The Application Priority Indicator Bits 4-1 should not be set to 0000b for a multi-
payment card
O63. Since neither DDA nor CDA is supported, the DDOL is not required to be
personalized on this card
O64. Since the Offline Enciphered PIN verification is not used in any of the Cardholder
Verification Rules listed in the CMV List, the ICC PIN Encipherment Public Key
Certificate is not required to be personalized on this card
O65. Since the Offline Enciphered PIN verification is not used in any of the Cardholder
Verification Rules listed in the CMV List, the ICC PIN Encipherment Public Key
Exponent is not required to be personalized on this card
O66. Since the ICC PIN Encipherment public key is not longer than the data retrieved
from the certificate, the ICC PIN Encipherment Public Key Remainder is not
required to be personalized on this card
O68. Since this card does not support the functionality which would need the ICC
Public Key Certificate, this data element is not required to be personalized on the
card
O69. Since the ICC public key is not longer than the data retrieved from the certificate,
the ICC Public Key Remainder is not required to be personalized on this card
O70. Since the Issuer Authentication is not supported, the Issuer Authentication
Indicator is not required to be personalized on this card
O72. Since the ICC PIN Encipherment public key is not longer than the data retrieved
from the certificate, the ICC PIN Encipherment Public Key Remainder is not
O73. Since Consecutive International Country velocity checking is not supported, the
Issuer Country Code (Visa Proprietary Data) is not required to be personalized
on this card
O74. Since the Issuer public key is not longer than the data retrieved from the
certificate, the Issuer Public Key Remainder is not required to be personalized on
this card
O75. Since the Offline PIN is not supported, the PIN Try Counter is not required to be
personalized on this card
O76. Since Low Value AND CTTA check is not supported, the Cumulative Total
Transaction Amount Upper Limit is not required to be personalized on this card
O78. Since VLP is not supported, the data element is not required to be present on the
card
O79. There is no value present in this data element

O81. Since Currency Conversion checking is not supported, the Secondary Application
Currency is not required to be personalized on this card
O82. Since Currency Conversion checking is not supported, the Currency Conversion
Parameters is not required to be personalized on this card
2.4.2 Mobile Specific

O101. Visa recommends allowing offline transactions in matching currencies for a
mobile prepaid product
O102. Visa recommends disallowing offline transactions in non-matching currencies for
a mobile prepaid product
O103. Prepaid product should indicate prepaid support in Card Additional Processes
O104. Visa recommends supporting Issuer Update Processing for a mobile prepaid
product
O105. Visa recommends supporting Consumer Device CVM for a mobile prepaid
product
O106. Since neither velocity checks nor offline qVSDC transactions are supported in the
Product Profile, the Application Currency Code (Visa Proprietary Data) is not

Appendix A. Implementation Conformance Statement (ICS) Minimum Requirements
Appendix A. Implementation Conformance Statement

(ICS) Minimum Requirements
This appendix outlines the minimum requirements for the content of the Implementation
Conformance Statement. Personalization validation tool vendors must ensure that their ICS
contains the items listed in this section.
Contact Specifications Offline Data Authentication
 VIS 1.4.1  SDA
 VIS 1.5.x + Updates  DDA
 VIS 1.6 (future use)  CDA
Contactless Specifications  fDDA
 VCPS 2.0.2 Cardholder Verification Methods
 VCPS 2.1.1  Online PIN
 VCPS 2.2  Signature
 VMCPS 1.4.x  Offline Plaintext PIN
Applet Versions  Offline Enciphered PIN with Dedicated ICC
 Applet 2.7.1 PIN Encipherment Key
 Applet 2.8.x  Offline Enciphered PIN without Dedicated
 VMPA 1.4.x ICC PIN Encipherment Key (i.e., using ICC
Public Key)
Products
 No CVM
 Visa Debit/Credit  Consumer Device CVM (CDCVM)
 Visa Electron  CVM amount checks
 DPA
Contactless – Transaction Paths (check all that
 Plus
apply)
 Visa Interlink
 VSDC with Fleet  MSD Legacy
 MSD with CVN 17
PSE/PPSE
 qVSDC Offline
 PSE  qVSDC Online (with Offline Data
 PPSE (mandatory for contactless) Authentication)
Multi-app/Multi-access  qVSDC Online (without Offline Data
 Multi-app/Multi-access Authentication)
Magnetic Stripe Contactless
 Mag stripe on card  qVSDC International Transactions
CVV (CAP, Byte 2, bit 7 = 0)
 qVSDC Offline International Transactions
 CVV Offset value
(CAP, Byte 2, bit 7 = 0 and Byte 1, bit 3 = 1)
Transaction Logging  Low Value Check (CAP, Byte 1, bit 8 = 1)
 Transaction Logging  Low Value and CTTA Check
Form Factor (CAP, Byte 1, bit 7 = 1)
 Card  qVSDC uses Country Code to Determine
 Mobile handset Domestic/International
(CAP, Byte 2, bit 8 = 1)

Appendix A. Implementation Conformance Statement (ICS) Minimum Requirements
Mobile
 Issuer Update Processing

 Issuer Update Processing Over-the-Air
 Offline Prepaid Chip
 Passcode
Velocity Checking
Velocity Check Tag

Lower Consecutive Offline Limit Check LCOL ‘9F14’
Upper Consecutive Offline Limit Check UCOL ‘9F23’
Lower Consecutive Offline Limit (Visa Proprietary Data) Check LCOL ‘9F58’
Upper Consecutive Offline Limit (Visa Proprietary Data) Check UCOL ‘9F59’
Consecutive Transactions Lower Limit Check CTCL '9F58' or 'DF21' in BF56'
Consecutive Transactions Upper Limit Check CTCUL '9F59' or 'DF31' in BF56'
Consecutive International Transactions (Currency) Lower Limit CTCIL '9F53' or 'DF21' in 'BF57'
Check
Consecutive International Transactions (Currency) Upper Limit CTIUL '9F5E' or 'DF31' in 'BF57'
Check
Check with Currency Conversion (with Currency Conversion)
Check with Currency Conversion (with Currency Conversion)
Check (with International Country option)
Check (with International Country option)
Consecutive International Transactions Country Lower Limit CTCICL '9F72' or 'DF61' in 'BF57'
Check
Consecutive International Transactions Country Upper Limit CTIUL '9F5E' or 'DF31' in 'BF57'
Check
Cumulative Total Transaction Amount Lower Limit Check CTTAL ‘9F54’ or ‘DF21’ in ‘BF58’
Cumulative Total Transaction Amount Upper Limit Check CTTAUL ‘9F5C’ or ‘DF31’ in ‘BF58’
Cumulative Total Transaction Amount Limit (Dual Currency) CTTAL ‘9F75’
Check (VIS 1.4.1 only) (with Currency Conversion)
Contactless Offline Transaction Lower Limit Check CLTCLL ‘DF21’ in ‘BF55’
Contactless Offline Transaction Upper Limit Check CLTCUL ‘DF31’ in ‘BF55’

Appendix B. Abbreviations
The following table lists common abbreviations and their definitions used in this Guide.
Table B–1: Abbreviations

Abbreviations Definition
AAC Application Authentication Cryptogram
AC Application Cryptogram
ADF Application Definition File
AFL Application File Locator
AID Application Identifier
AEF Application Elementary File
AFL Application File Locator
AID Application Identifier
AIP Application Interchange Profile
ans Alphanumeric special
APDU Application Protocol Data Unit
API Application Priority Identifier
ARPC Application Response Cryptogram
ARQC Application Request Cryptogram
ATC Application Transaction Counter
AUC Application Usage Control
BIN BASE Identification Number
CA Certificate Authority
CAM Card Authentication Method
CDOL Card Risk Management Data Object List
CID Cryptogram Information Data
CVK Card Verification Key
CVM Cardholder Verification Method
CVR Card Verification Result
CVV Card Verification Value
DDA Dynamic Data Authentication

DDF Directory Definition File
DDOL Dynamic Data Authentication Data Object List
DEA Data Encryption Algorithm
DES Data Encryption Standard
DGI Data Group Identifier (used by the Card Personalizer only)
DKI Derivation Key Index
EMV Europay, MasterCard & Visa
FCI File Control Information
GPO GET PROCESSING OPTIONS
IAC Issuer Action Code
ICS Implementation Compliance Statement
ICVV Alternate Card Verification Value

IFM Interface Module
MCC Merchant Category Code
MDK Master Derivation Key
N/A Not Applicable
PAN Primary Account Number
PDOL Processing Options Data Options List
PIN Personal Identification Number
PIX Proprietary Application Identifier Extension
PK Public Key
PKI Certificate Authority Public Key Index
POS Point of Sale
PPSE Proximity Payment System Environment
PSE Payment Systems Environment
PVK PIN Verification Key
PVV PIN Verification Value
RFU Reserved For Future Use
RID Registered Application Provider Identifier
RSA Rivest, Shamir, Adleman
SAD Signed Static Application Data

SAM Secure Access Method
SDA Static Data Authentication
STIP Stand In Processing
TAC Terminal Action Code
TC Transaction Certificate
TDOL Transaction Certificate Data Object List
TLV Tag-Length-Value
TSI Transaction Status Information
TVR Terminal Verification Result
UDK Unique Derived Key
VCMS Visa Certification Management System
VIP VisaNet Integrated Payment
VLP Visa Low-value Payment
VPA VSDC Personalization Assistant
VSDC Visa Smart Debit Credit
VTS VisaNet Test System

GPR User Guide

Uploaded by

Copyright:

Available Formats

GPR User Guide

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

GPR User Guide

Uploaded by

Copyright:

Available Formats

Global Personalization Requirements

© 2015 Visa. All Rights Reserved.

GLOBAL PERSONALIZATION REQUIREMENTS—USER GUIDE OVERVIEW 1

1. TEST SET-UP AND EXECUTION OVERVIEW 5

2. TEST REPORT MESSAGE DEFINITIONS 13

17 August 2015 Visa Confidential i

2.3 Warning Messages ........................................................................................................................................................................ 26

APPENDIX A. IMPLEMENTATION CONFORMANCE STATEMENT (ICS) MINIMUM REQUIREMENTS 33

ii Visa Confidential 17 August 2015

Table 1–1: Test Conditions 10

17 August 2015 Visa Confidential iii

Figure 1: Test Scenario 5

iv Visa Confidential 17 August 2015

Global Personalization Requirements—User Guide Overview

Purpose and Scope

Any regional-specific requirements are covered in separate, dedicated documents.

17 August 2015 Visa Confidential 1

Global Personalization Requirements—User Guide Overview. An overview of the document including

2 Visa Confidential 17 August 2015

Appendix A: Implementation Conformance Statement (ICS) Minimum Requirements. Outlines the

Version Date Changes

17 August 2015 Visa Confidential 3

4 Visa Confidential 17 August 2015

1. Test Set-Up and Execution Overview

1.2 Execution Scenario

Separate to the above process, if a VPA output file is provided, it should be

17 August 2015 Visa Confidential 5

1.3 Questioning (ICS)

1.4 Data Acquisition Phase

For magnetic stripe:

6 Visa Confidential 17 August 2015

If contact interface supported:

If contactless interface supported:

1.5 Test Selection Phase

17 August 2015 Visa Confidential 7

VSDC Test is applicable for VSDC contact interface

8 Visa Confidential 17 August 2015

VISA VSDC APPLET VERSION

VSDC 2.7.1 Test is applicable to Visa’s VSDC 2.7.1 Applet

1.5.3 Test Selection Rules

1.6 Test Execution Phase

17 August 2015 Visa Confidential 9

Table 1–1: Test Conditions

10 Visa Confidential 17 August 2015

1.6.1 Preliminary Validation Results

17 August 2015 Visa Confidential 11

12 Visa Confidential 17 August 2015

2. Test Report Message Definitions

2.1 Test Report Messages Overview

17 August 2015 Visa Confidential 13

2.2 Error Messages

2.2.2 Data Element Specific

14 Visa Confidential 17 August 2015

17 August 2015 Visa Confidential 15

16 Visa Confidential 17 August 2015

E109. Card Additional Processes, Byte 1, bit 3 must be set to 1

17 August 2015 Visa Confidential 17

18 Visa Confidential 17 August 2015

17 August 2015 Visa Confidential 19