(Chip and PIN) Project EMV Card

(Chip and PIN) Project EMV Card

EMV (Chip and PIN) Project Student: Khuong An Nguyen Supervisor: Professor Chris Mitchell Year: 2009-2010 Full Unit Project EMV card 1 Contents Figures ......................................................................................................................................... 6 Tables .......................................................................................................................................... 7 1. Introduction ........................................................................................................................ 8 1.1 Electronic payment ......................................................................................................... 8 1.2 Scope of project .............................................................................................................. 8 1.3 Contents of report .......................................................................................................... 8 2. Definitions and abbreviations .......................................................................................... 11 2.1 Definitions .................................................................................................................... 11 2.2 Abbreviations ................................................................................................................ 12 3. Project overview ............................................................................................................... 14 3.1 Project nature ............................................................................................................... 14 3.2 Project components ..................................................................................................... 14 3.2.1 Software system .................................................................................................... 15 3.2.2 Smart card reader .................................................................................................. 15 3.2.3 EMV Credit/Debit card .......................................................................................... 16 3.2.4 Supporting software and hardware ...................................................................... 16 3.3 Project objectives ......................................................................................................... 16 3.4 Project development plan ............................................................................................ 17 4. Background ....................................................................................................................... 18 4.1 EMV (Chip and PIN) introduction ................................................................................. 18 4.1.1 Smart card introduction ........................................................................................ 18 4.1.2 EMV (Chip and PIN) introduction .......................................................................... 19 4.2 File system structure overview ..................................................................................... 21 4.2.1 General smart card file system overview .............................................................. 21 4.2.2 EMV file system overview ..................................................................................... 21 4.3 EMV payment transaction ............................................................................................ 22 4.4 Payment transaction protection mechanism ............................................................... 23 4.4.1 Card Authentication Methods ............................................................................... 24 4.4.2 Cardholder Verification Methods .......................................................................... 24 4.4.3 Plaintext offline PIN verification ............................................................................ 26 5. Command analysis ............................................................................................................ 29 5.1 Application Protocol Data Unit ..................................................................................... 29 2 5.1.1 Command APDU .................................................................................................... 29 5.1.2 Response APDU ..................................................................................................... 29 5.2 EMV commands ............................................................................................................ 30 5.2.1 SELECT command .................................................................................................. 30 5.2.2 READ RECORD command ....................................................................................... 31 5.2.3 GET DATA command .............................................................................................. 32 5.2.4 VERIFY command ................................................................................................... 32 5.2.5 GET PROCESSING OPTIONS command .................................................................. 33 5.3 Response command analysis ........................................................................................ 33 5.3.1 Payment application R-APDU analysis ................................................................... 33 5.3.2 GET PROCESSING OPTIONS R-APDU analysis ........................................................ 34 5.3.3 Cardholder verification R-APDU analysis ............................................................... 35 5.3.4 Personalised information R-APDU analysis ........................................................... 36 6. EMV communication protocol construction .................................................................... 37 6.1 Approach discussion ..................................................................................................... 37 6.2 Protocol algorithm ........................................................................................................ 37 7. High level design ............................................................................................................... 40 7.1 System functionalities overview ................................................................................... 40 7.2 General system architecture ........................................................................................ 41 7.3 Hardware architecture ................................................................................................. 41 7.4 Software system architecture ...................................................................................... 42 7.5 Sequence diagram ........................................................................................................ 42 7.6 User Interface ............................................................................................................... 43 7.6.1 Card input interface ............................................................................................... 43 7.6.2 Payment application interface .............................................................................. 44 7.6.3 Card authentication interface ............................................................................... 44 7.6.4 Cardholder verification interface .......................................................................... 45 7.6.5 Personalised information interface ....................................................................... 45 7.6.6 Offline PIN verification interface ........................................................................... 46 8. Detailed design ................................................................................................................. 47 8.1 Java programming ........................................................................................................ 47 8.2 Classes specification ..................................................................................................... 47 8.2.1 Card input class ...................................................................................................... 47 3 8.2.2 Payment application class ..................................................................................... 49 8.2.3 Transaction initialisation class ............................................................................... 51 8.2.4 Security protection class ........................................................................................ 52 8.2.5 Card authentication class ...................................................................................... 53 8.2.6 Cardholder verification class ................................................................................. 55 8.2.7 Plaintext offline PIN verification ............................................................................ 58 8.2.8 Personalised information class .............................................................................. 60 8.2.9 Report generation class ......................................................................................... 61 8.2.10 Graphical User Interface class .............................................................................. 64 8.3 Data dictionary ............................................................................................................. 65 8.4 Java algorithm..............................................................................................................

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    166 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us