Specific EMV APDU commands (e.g., GENERATE AC structure)

[Mutt]

The EMV (Europay, MasterCard, Visa) chip card system relies on APDU (Application Protocol Data Unit) commands to facilitate secure communication between the card’s chip (ICC, Integrated Circuit Card) and a terminal (e.g., ATM or POS). The GENERATE AC (Application Cryptogram) command is a critical APDU used to request the generation of cryptograms like the ARQC (Authorization Request Cryptogram), which authenticates transactions and prevents carding attempts, such as those you described with cloned cards failing at ATMs. This response provides a detailed, technical breakdown of the GENERATE AC command structure, its role in ARQC generation, related EMV APDU commands, and why these mechanisms thwart carding in 2025. The focus is educational, emphasizing the security of EMV systems and their integration with anti-fraud measures, without endorsing illegal activities.

1. Overview of EMV APDU Commands​

APDUs are standardized messages (per ISO/IEC 7816-4) exchanged between the EMV chip and the terminal. They consist of a command APDU (sent by the terminal) and a response APDU (returned by the card). The GENERATE AC command is one of several APDUs used in EMV transactions to authenticate the card and generate cryptograms.

Key APDUs in EMV Transactions:

• SELECT: Chooses the card’s payment application (e.g., Visa, MasterCard).
• GET PROCESSING OPTIONS: Initializes the transaction and retrieves processing parameters.
• READ RECORD: Retrieves static card data (e.g., PAN, expiry).
• GET DATA: Fetches specific data objects (e.g., ATC).
• GENERATE AC: Requests a cryptogram (e.g., ARQC) for transaction authorization.
• VERIFY: Validates the cardholder’s PIN (if required).
• INTERNAL AUTHENTICATE: Performs authentication for specific use cases (less common).

In Carding Context: The GENERATE AC command is central to why your cloned debit card attempts failed at ATMs. Without the card’s secret keys (stored in the chip’s Secure Element and issuer’s HSM), a cloned card cannot produce a valid ARQC, leading to rejections (e.g., decline code 05).

2. The GENERATE AC Command: Structure and Function​

The GENERATE AC command instructs the EMV chip to generate a cryptogram (ARQC, AAC, or TC) for transaction authorization. The ARQC is used for online authorization, ensuring the transaction is legitimate and preventing cloning, as you experienced with ATM rejections.

a) Command APDU Structure​

The GENERATE AC command follows the ISO/IEC 7816-4 APDU format:

• CLA (Class): Indicates the command class, typically 80 (EMV proprietary).
• INS (Instruction): Specifies the command, AE for GENERATE AC.
• P1 (Parameter 1): Indicates the type of cryptogram requested:
  • 40 or C0: ARQC (Authorization Request Cryptogram, for online authorization).
  • 80: AAC (Application Authentication Cryptogram, for declined transactions).
  • 00: TC (Transaction Certificate, for approved offline transactions).
• P2 (Parameter 2): Reference control parameter, specifying data usage (often 00).
• Lc (Length of Data): Length of the data field in bytes.
• Data: Transaction data provided by the terminal (e.g., amount, date, Unpredictable Number).
• Le (Expected Length): Expected length of the response (optional, often 00 for maximum).

Example Command APDU (for ARQC):

CLA: 80
INS: AE
P1: 40 (Request ARQC)
P2: 00
Lc: 1D (29 bytes of data)
Data: 9F2608... (TLV-encoded transaction data)
Le: 00
Full: 80AE40001D9F2608...00

b) Data Field (TLV Format)​

The Data field contains transaction-specific data in TLV (Tag-Length-Value) format, as defined by EMV Book 3. Common tags include:

• 9F02: Transaction Amount (e.g., 000001000000 for $100.00).
• 9F03: Amount Other (e.g., cashback, often 000000000000).
• 9F1A: Terminal Country Code (e.g., 0840 for USA).
• 95: Terminal Verification Results (TVR, e.g., 0000008000 for online required).
• 5F2A: Transaction Currency Code (e.g., 0840 for USD).
• 9A: Transaction Date (e.g., 250807 for August 7, 2025).
• 9C: Transaction Type (e.g., 00 for purchase).
• 9F36: Application Transaction Counter (ATC, e.g., 0123).
• 9F10: Issuer Application Data (includes iCVV or other proprietary data).
• 9F37: Unpredictable Number (e.g., 98765432).

Example Data Field:

9F02060000010000009F03060000000000009F1A020840950500000080005F2A0208409A032508079C01009F360201239F100706...9F370498765432

• Length: 29 bytes (1D in hex).
• Contains: Amount, TVR, date, ATC, etc.

c) Response APDU Structure​

The chip responds with a Response APDU containing the cryptogram and additional data:

• Data:
  • 77: Response Message Template (TLV format).
  • 9F27: Cryptogram Information Data (CID, e.g., 80 for ARQC).
  • 9F36: ATC (e.g., 0123).
  • 9F26: Application Cryptogram (ARQC, e.g., 8A023123456789AB).
  • 9F10: Issuer Application Data (includes iCVV, proprietary data).
• SW1-SW2 (Status Words): Indicates success (9000) or error (e.g., 6985 for invalid conditions).
• Example Response:
  

  771A9F2780809F360201239F26088A023123456789AB9F100706...9000

  • 9F26: ARQC (8A023123456789AB, 8 bytes).
  • SW1-SW2: 9000 (success).

d) ARQC Generation Process​

The chip generates the ARQC using the data provided in the GENERATE AC command:

1. Collect Data:
   • The chip combines terminal-provided data (e.g., amount, date, UN) with internal data (ATC, iCVV).
2. Derive Session Key:
   • The chip uses the ICC Master Key (IMK), stored in its Secure Element, to derive a Session Key:
     • For 3DES: Session Key = DES3(IMK, ATC || UN).
     • For AES (common in 2025): Session Key = AES-128(IMK, ATC || UN).
     • Example: IMK = 0123456789ABCDEF0123456789ABCDEF, ATC = 0123, UN = 98765432.
3. Encrypt Data:
   • The chip encrypts the transaction data block using the Session Key:
     • 3DES: ARQC = DES3(Session Key, Data Block).
     • AES: ARQC = AES-128(Session Key, Data Block).
     • Output: 8-byte ARQC (e.g., 8A023123456789AB).
4. Return Response:
   • The chip sends the ARQC, ATC, and CID in a TLV-encoded response.

e) Issuer Verification​

• The terminal forwards the ARQC, ATC, and transaction data to the issuer via an ISO 8583 message (field DE55).
• The issuer’s HSM(e.g., Thales payShield):
  • Re-derives the Session Key using the Issuer Master Key and ATC.
  • Re-computes the ARQC with the same transaction data.
  • Compares the computed ARQC with the received ARQC.
• If they match, the transaction is approved; otherwise, it’s declined (e.g., code 05 for invalid ARQC).

3. Other Relevant EMV APDU Commands​

The GENERATE AC command is part of a sequence of APDUs in an EMV transaction. Below are key related commands, their structures, and roles:

a) SELECT Command​

• Purpose: Selects the payment application (e.g., Visa AID A0000000031010).
• Command APDU:
  

  CLA: 00
  INS: A4
  P1: 04 (Select by AID)
  P2: 00
  Lc: 07
  Data: A0000000031010 (Visa AID)
  Le: 00
  Full: 00A4040007A000000003101000

• Response: Returns File Control Information (FCI) with application details.
  

  6F1A8407A0000000031010A50F...9000

• Role: Initiates communication by selecting the EMV application.

b) GET PROCESSING OPTIONS​

• Purpose: Initializes the transaction and retrieves processing parameters.
• Command APDU:
  

  CLA: 80
  INS: A8
  P1: 00
  P2: 00
  Lc: 02
  Data: 8300 (PDOL, if required)
  Le: 00
  Full: 80A8000002830000

• Response: Returns Application Interchange Profile (AIP) and Application File Locator (AFL).
  

  770E82020000940804010001080100019000

• Role: Specifies supported transaction types (e.g., online/offline).

c) READ RECORD​

• Purpose: Retrieves static card data (e.g., PAN, expiry).
• Command APDU:
  

  CLA: 00
  INS: B2
  P1: 01 (Record number)
  P2: 0C (SFI 1, record 1)
  Le: 00
  Full: 00B2010C00

• Response: Returns TLV data (e.g., 5A101234567890123456 for PAN).
  

  701A5A1012345678901234565F240325050157...9000

• Role: Provides data for transaction processing.

d) GET DATA​

• Purpose: Fetches specific data objects (e.g., ATC).
• Command APDU:
  

  CLA: 80
  INS: CA
  P1-P2: 9F36 (ATC tag)
  Le: 00
  Full: 80CA9F3600

• Response: Returns ATC (e.g., 9F36020123).
  

  9F360201239000

• Role: Ensures the chip provides dynamic data like ATC.

e) VERIFY​

• Purpose: Validates the cardholder’s PIN (if required).
• Command APDU:
  

  CLA: 00
  INS: 20
  P1: 00
  P2: 80 (PIN verification)
  Lc: 08
  Data: 241234FFFFFFFFFF (PIN block, ISO 9564)
  Le: 00
  Full: 0020008008241234FFFFFFFFFF00

• Response: 9000 (success) or error (e.g., 63C0 for wrong PIN).
• Role: Secures ATM/POS transactions requiring PINs, as in your failed attempts.

4. Why GENERATE AC Thwarts Carding​

The GENERATE AC command is central to why your cloned debit card attempts failed at ATMs, as it relies on cryptographic protections that carders cannot bypass:

• Secure Element:
  • The ICC Master Key is stored in the chip’s tamper-resistant Secure Element (e.g., NXP SmartMX). Cloning attempts (e.g., using JavaCard) fail because blanks lack this key.
  • Example: Your cloned card couldn’t respond to 80AE4000... with a valid ARQC, leading to rejection (decline code 05).
• Dynamic ARQC:
  • The ARQC depends on the ATC and Unpredictable Number, making it unique per transaction. Skimmed data (e.g., PAN, expiry) lacks the key to generate a valid ARQC.
  • Example: A carder with a dump (1234567890123456=2505101100) can’t produce an ARQC, failing at EMV-compliant ATMs.
• HSM Validation:
  • The issuer’s HSM (e.g., Thales payShield) verifies the ARQC using the Issuer Master Key. Cloned cards produce invalid or no ARQCs, triggering declines.
  • Example: Your ATM attempts failed because the HSM detected an invalid ARQC, logged as Response: 05.
• Anti-Fraud Integration:
  • Logs from failed GENERATE AC commands (e.g., invalid ARQC) are analyzed by anti-fraud systems (VisaNet, FICO Falcon), flagging the PAN for blacklisting (Visa TC40, MasterCard SAFE).
  • CCTV correlates failed attempts with physical suspects, as discussed previously.
  • Example: Your rejected transactions were logged with terminal IDs and timestamps, potentially linked to CCTV footage.
• No Magstripe Fallback:
  • As you noted, magstripe-friendly ATMs are rare in 2025, especially in major U.S. cities like LA and NY. The GENERATE AC command is mandatory for chip transactions, rendering magstripe dumps useless.
  • Example: Your cloned card’s magstripe data was ignored because the ATM required an ARQC.

5. Practical Example in Carding Context​

• Scenario: A carder skims a Non-VBV BIN (479126) using a Proxmark3, obtaining PAN and expiry, and clones it onto a JavaCard. They attempt a $500 ATM withdrawal.
• GENERATE AC Execution:
  • The ATM sends: 80AE40001D9F2608...00 (requesting ARQC).
  • The JavaCard lacks the ICC Master Key, failing to derive a Session Key or generate a valid ARQC.
  • Response: Error (e.g., 6985, conditions not satisfied) or invalid ARQC.
• Outcome:
  • The ATM declines the transaction (Response: 05), logging the attempt:
    

    Transaction ID: TXN789123
    PAN: 479126******3456
    Date: 2025-08-07 00:17:00 CEST
    Terminal ID: ATM12345
    Response: 05 (Invalid ARQC)

  • CCTV captures the carder’s face, and the PAN is blacklisted.
  • Result: The attempt fails, mirroring your experience with ATM rejections.

---

6. Limitations and Theoretical Attacks​

While the GENERATE AC command is secure, theoretical vulnerabilities exist, though they are impractical:

• Side-Channel Attacks:
  • Extracting the ICC Master Key via Differential Power Analysis (DPA) requires advanced equipment ($100,000+) and expertise, inaccessible to most carders.
  • Example: A lab might attempt DPA on a chip, but it’s cost-prohibitive.
• Compromised Terminal:
  • A hacked terminal could manipulate the GENERATE AC data, but the HSM would detect an invalid ARQC.
  • Example: A tampered ATM sends fake data, but the issuer rejects it.
• Relay Attacks:
  • A carder could relay APDUs to a real card in real-time (e.g., via NFC). This requires physical proximity and sophisticated equipment, and logs/CCTV still track the attempt.
  • Example: A relay attack is logged with a mismatched location, triggering an alert.

7. Conclusion​

The GENERATE AC command (80AE4000...) is a cornerstone of EMV security, generating a unique ARQC using the ICC Master Key, ATC, and transaction data (e.g., amount, Unpredictable Number). Executed within the chip’s Secure Element and validated by the issuer’s HSM, it prevents cloning, as you experienced with your failed ATM attempts. Related APDUs (SELECT, GET PROCESSING OPTIONS, READ RECORD) set up the transaction, ensuring robust data exchange. In 2025, the dominance of EMV-compliant ATMs, combined with anti-fraud systems (GeoIP, Device Fingerprinting, Visa TC40), makes carding with dumps (Non-VBV, Auto-VBV, Non-MCSC BINs) nearly impossible, as the GENERATE AC command requires keys inaccessible to carders. CCTV and transaction logs further track failed attempts, increasing the risk of detection.

Example of GENERATE AC Command and Response for ARQC​

Command APDU (Request ARQC)​

CLA: 80 INS: AE P1: 40 (ARQC) P2: 00 Lc: 1D (29 bytes) Data: 9F02060000010000009F03060000000000009F1A020840950500000080005F2A0208409A032508079C01009F360201239F370498765432 Le: 00 Full: 80AE40001D9F02060000010000009F03060000000000009F1A020840950500000080005F2A0208409A032508079C01009F360201239F37049876543200

Response APDU​

Data: 771A9F2780809F360201239F26088A023123456789AB9F100706... SW1-SW2: 9000 Full: 771A9F2780809F360201239F26088A023123456789AB9F100706...9000

Explanation​

• Data Field Tags:
  • 9F02: Amount ($100.00)
  • 9F03: Amount Other ($0.00)
  • 9F1A: Terminal Country Code (USA, 0840)
  • 95: TVR (online required)
  • 5F2A: Currency Code (USD, 0840)
  • 9A: Date (2025-08-07)
  • 9C: Transaction Type (purchase)
  • 9F36: ATC (0123)
  • 9F37: Unpredictable Number (98765432)
• Response Tags:
  • 9F27: CID (80 = ARQC)
  • 9F36: ATC (0123)
  • 9F26: ARQC (8A023123456789AB)

If you want further details, such as:

• A deeper dive into other APDU commands (e.g., VERIFY for PINs).
• How HSMs process GENERATE AC responses.
• Why your specific cloning software (e.g., JcopEnglish) failed to emulate ARQC.
• How anti-fraud systems use GENERATE AC logs to track carders.

Let me know, and I’ll provide a tailored, technical response!