Tomcat
Professional
- Messages
- 2,689
- Reaction score
- 963
- Points
- 113
1. It should be noted that all three applications are used to generate a cryptogram, ensure the data integrity of the Script Processing procedure commands, encrypt some data circulating between the card and its issuer (offline counters, PIN code), the EMV CSK method for generating card keys and session keys ... This method is described in detail in EMV v.4.2 Book2.
In addition to the EMV CSK method, the M / Chip 4 and VSDC applications support their own algorithms for withdrawing card keys and session keys (see section 3.16.2). From the point of view of cryptographic strength, the internal algorithm for deriving session keys in the VSDC application looks somewhat weaker. In accordance with this algorithm, the first component of the corresponding key for Secure Messaging is added modulo 2 with the PBX value padded on the right with 6 zero bytes, and the second component is added modulo 2 with the inverted PBX value padded with 6 zero bytes on the right. As a result, the compromise of the session key leads to the compromise of the card key, and the meaning of entering the session keys is largely lost.
As for the internal VSDC algorithm for outputting the session key for generating the cryptogram, in accordance with it, the session key coincides with the card key.
In M / Chip 4, the internal algorithm for outputting session keys for generating a cryptogram and Secure Messaging from the point of view of cryptanalysis is more reliable than the EMV CSK algorithm (for example, to output a session key for generating a cryptogram, a diversification mode is used that uses not only PBX, as in the case of EMV CSK, but also random variable UN generated by the terminal).
The CPA application uses a new, more "diversified" algorithm for deriving the application key, in the case when the card number contains more than 16 digits.
2. The CPA, M / Chip 4 and VSDC applications implement a reliable mechanism for the issuer to verify that the terminal has performed offline authentication of the application. For this, in the case of an SDA card, the DAC (Data Authentication Code) value previously calculated by the issuer is used, and in the case of a DDA / CDA card, the IDN (ICC Dynamic Number) value displayed during the operation, which can only be calculated by the card and its issuer. In the VSDC application, the use of DAC and IDN is optional and often not implemented (for example, in the VISA CEMEA region). In CPA and M / Chip4 applications, the IDN value is calculated by the card when processing the GET PROCESSING OPTIONS command (when the PBX transaction counter is incremented by 1).
3. The CPA and M / Chip 4 applications support a number of security-useful counter card applications, including:
4. In the CPA and M / Chip 4 applications, additional checks are supported (in the CPA - up to two checks, in the M / Chip 4 - no more than one), which improve the security of the transaction. For example, a card can reject transactions from a “dangerous” country and / or a certain type of transaction. Additional checks are not supported in VSDC.
5. The CPA and M / Chip 4 applications support the ability to manage offline meters, depending on who authorized the transaction - the issuer or the Stand-In Processor.
6. CPA and M / Chip 4 applications support Maximum Transaction Amount check for offline transaction. The VSDC app does not have this check.
7. The CPA application has the ability to block the card / application without using the Script Processing procedure. This increases the reliability of the card / app lock.
8. In the CPA and M / Chip 4 applications, it is possible to unblock the PIN code check (reset the RTS value) without using the Script Processing procedure (using the CSU and ARPC Response Code objects, respectively).
Output. It should be admitted that, despite the great "advancedness" of the CPA and M / Chip4 applications, in general, given the current state of affairs in the field of card fraud, all applications are approximately equivalent in terms of the transaction security they provide.
In addition to the EMV CSK method, the M / Chip 4 and VSDC applications support their own algorithms for withdrawing card keys and session keys (see section 3.16.2). From the point of view of cryptographic strength, the internal algorithm for deriving session keys in the VSDC application looks somewhat weaker. In accordance with this algorithm, the first component of the corresponding key for Secure Messaging is added modulo 2 with the PBX value padded on the right with 6 zero bytes, and the second component is added modulo 2 with the inverted PBX value padded with 6 zero bytes on the right. As a result, the compromise of the session key leads to the compromise of the card key, and the meaning of entering the session keys is largely lost.
As for the internal VSDC algorithm for outputting the session key for generating the cryptogram, in accordance with it, the session key coincides with the card key.
In M / Chip 4, the internal algorithm for outputting session keys for generating a cryptogram and Secure Messaging from the point of view of cryptanalysis is more reliable than the EMV CSK algorithm (for example, to output a session key for generating a cryptogram, a diversification mode is used that uses not only PBX, as in the case of EMV CSK, but also random variable UN generated by the terminal).
The CPA application uses a new, more "diversified" algorithm for deriving the application key, in the case when the card number contains more than 16 digits.
2. The CPA, M / Chip 4 and VSDC applications implement a reliable mechanism for the issuer to verify that the terminal has performed offline authentication of the application. For this, in the case of an SDA card, the DAC (Data Authentication Code) value previously calculated by the issuer is used, and in the case of a DDA / CDA card, the IDN (ICC Dynamic Number) value displayed during the operation, which can only be calculated by the card and its issuer. In the VSDC application, the use of DAC and IDN is optional and often not implemented (for example, in the VISA CEMEA region). In CPA and M / Chip4 applications, the IDN value is calculated by the card when processing the GET PROCESSING OPTIONS command (when the PBX transaction counter is incremented by 1).
3. The CPA and M / Chip 4 applications support a number of security-useful counter card applications, including:
- AC Session Counter - counter of the number of session keys generated by the card for calculating the cryptogram since the last successful verification of the ARPC value by the card. This counter protects the card from fraudsters trying to guess the card key to generate a cryptogram;
- Secure Messaging for Integrity Counter - counter of the number of session keys generated by the card for secure messaging for integrity since the last successful verification of the MAC code by the card. This counter protects the card from fraudsters trying to guess the card key to generate MAC codes;
- PIN Decipherment Counter - counter of the number of incorrect card decryptions of PIN-code values.
4. In the CPA and M / Chip 4 applications, additional checks are supported (in the CPA - up to two checks, in the M / Chip 4 - no more than one), which improve the security of the transaction. For example, a card can reject transactions from a “dangerous” country and / or a certain type of transaction. Additional checks are not supported in VSDC.
5. The CPA and M / Chip 4 applications support the ability to manage offline meters, depending on who authorized the transaction - the issuer or the Stand-In Processor.
6. CPA and M / Chip 4 applications support Maximum Transaction Amount check for offline transaction. The VSDC app does not have this check.
7. The CPA application has the ability to block the card / application without using the Script Processing procedure. This increases the reliability of the card / app lock.
8. In the CPA and M / Chip 4 applications, it is possible to unblock the PIN code check (reset the RTS value) without using the Script Processing procedure (using the CSU and ARPC Response Code objects, respectively).
Output. It should be admitted that, despite the great "advancedness" of the CPA and M / Chip4 applications, in general, given the current state of affairs in the field of card fraud, all applications are approximately equivalent in terms of the transaction security they provide.
