Terminal Application Certification Guide v1.7c
Terminal Application Certification Guide v1.7c
GUIDE
2 INTRODUCTION ..................................................................... 10
2.1 Overview 10
2.2 Audience 10
2.3 Terminal Application Certification 10
2.4 Specifications 11
2.5 Pre-Requisite 11
2.6 Testing/Test Tool Requirements 12
2.7 Related Certifications 12
2.7.1 ICC Application Certification 12
2.7.2 Functional Certification 12
2.7.3 End to End Certification 12
2.8 Terms and Abbreviations 12
4.1 Selection 20
4.1.1 Select01 – Interac Application 20
4.1.2 Select02 - Interac Application with Partial Name Selection 21
4.1.3 Select03 - Interac Application when the ICC Supports PSE 21
4.1.4 Select04 - Interac Application with PSE and Multiple Applications 22
4.1.5 Select05- Interac Application, Terminal Supports PSE, ICC Does Not 23
4.1.6 Select06- No Mutually Supported AID contained in PSE 23
4.1.7 Select07- Interac Application, ICC Supports PSE, Terminal Does Not 24
4.1.8 Select09 - Check Issuer Country Code, Multiple Applications on ICC 25
4.1.9 Select13 - Check Application Selection Flag, Application Not Permitted for POS {POS} 26
4.1.10 Select19 – Applications Placed in Primary are Offered for Selection 27
4.1.11 Select21 – Application is Blocked {POS} 29
4.1.12 Select26 - Check Application Selection Flag, Application Not Permitted for ABM {ABM} 30
4.1.13 Select32 – Applications Placed in Primary are Offered for Selection {ABM} 31
4.1.14 Select34 - Application is Blocked {ABM} 32
4.1.15 Select39 – Multi-Application Card –Terminal Supports One Application 32
4.1.16 Select40a – Multi-Application Card –Terminal Supports Both Applications 35
4.1.17 Select40b – Multi-Application Card –Terminal Supports Both Applications 37
4.1.18 Select41 – Multi-Application Card –Terminal Supports Both, Interac Application Not Permitted for POS {POS}
40
4.1.19 Select42 – Multi-Application Card –Terminal supports both applications {ABM} 43
4.1.20 Select43 - Interac Application is the Only Mutually Supported Application 45
4.1.21 Select44 - Interac Application, Application Permitted for ABM Only {ABM} 47
4.1.22 Select45 - Interac Application, Application Permitted for POS Only {POS} 50
4.1.23 Select46 – Multi-Application Card –Terminal Supports Both Applications {POS} 53
4.2 Card Reading Tests 56
4.2.1 Card01 – ICC Read not Magnetic Stripe (Service Code Begins with a ‘2’) 56
7.1 Default Card 1 – Supports Offline Enciphered and Plaintext PIN 112
7.2 Card 2 – Supports SDA 114
7.3 Card 3 Supports Offline Enciphered PIN 115
7.4 Card 4 – Supports DDA and Plaintext PIN 116
7.5 Card 5 – Card Contains a PSE 117
7.6 Card 6 – Card Contains 2 Mutually Supported Applications 117
7.7 Card 7 – Supports Online Enciphered PIN 117
7.8 Card 8 – Supports CDA 117
7.9 Card 10 – Multi Application Non-cobadge Card 120
7.10 Card 11a – Multi Application Cobadge Card 121
7.11 Card 11b – Multi Application Cobadge Card 121
7.12 Card 12 – Multi Application Credit Card 121
7.13 Card 13 – Supports all offline data authentication methods 122
7.14 Other Card Information 124
7.15 Issuer RSA Key Information 124
Feb 2007 Interac Corp. 1.2 Service Code in Card Profile set to ‘220’ and ICC
Private Key added
May 2008 Interac Corp. 1.3 Test case clarifications – Select 21, 34 and Data 09,
add CA Private key part in Terminal parameters
May 2011 Interac Corp. 1.4 Modify card profiles, to extend application expiration
date
Card 1
Card 2
Card 3
Card 4
’00 00 00 00 00 00 00 00 04 03 01 03 02 03’
2.1 Overview
The objective of the Certification is to ensure that a Participant’s chip terminals operate
accurately when implemented on the Inter-Member Network (IMN) and does not affect the
reliability of the existing Shared Services.
Certification does not include volume, stress or regression testing. The Participant is
responsible for testing this internally.
The Certification Guide is to be read in conjunction with the Operating Regulations. If the
Certification Guide and the Regulations appear to be contradictory, the Regulations will
always take precedence.
2.2 Audience
The intended audience of this document is Interac Corp. and Interac Corp. Participants who
wish to achieve certification with Interac. Test tool vendors must use this document to
implement their scripts for the certification procedure.
This is required to certify Interac Debit and Interac Cash Terminal application functionality
between the terminal application and the ICC.
Terminal Certification consists of two parts – device and application:
• Device
o Participants certify the PED in compliance with PCI SSC Standards.
• Terminal application
o Terminal to card interface
▪ Participants run a series of test scripts using Interac test tool.
▪ Participants submit a completed certification checklist to Interac
Corp. for review and approval for certification.
o Terminal to Acquirer interface
This guide is designed to help the Interac Participant to test their terminal application so
that certification can be achieved with Interac. Anything referenced within the Interac
Specification as being ‘as per EMV specification’ is outside the scope of this guide as one
of the pre-requisites is that the terminal has already achieved EMV Level 2 certification with
EMVCo.
The execution of the certification process is the Participant’s responsibility. The Participant
must acquire the appropriate Interac approved test tool and corresponding test scripts.
Interac Corp. maintains a list of approved test tool vendors. During Certification, the
Participant can demonstrate that the application is working correctly by enacting a series of
test cases and test scripts as detailed in this test guide.
There are a number of configurations that exist (i.e. whether the terminal is an ABM or a
POS, or online only terminal, etc.). The Tester will select the checklist (using Appendix A
“Checklist” as a guide), to certify the terminal application. The results of the test cases will
be recorded and submitted (along with the other relevant documentation) to Interac Corp.
for review and approval.
2.4 Specifications
2.5 Pre-Requisite
The following pre-requisites are needed before the application is submitted for certification:
• The terminal must be formally approved and recognized by EMVCo for EMV
Level 1
• The terminal must be formally approved and recognized by EMVCo for EMV
Level 2
• The terminal must be formally approved and recognized by PCI SSC.
• The Interac test tool used allows the tester to see the communication between
the card and the terminal i.e. the test tool should have the ability to show the
commands sent and received by the card, and the result of the commands.
• That logs can be provided to Interac for support and investigation purposes.
• The tester has the relevant knowledge of the test tool and can interpret any log
files or diagnostics produced to determine whether the test case has passed.
• This document tests the functionality between the terminal application and the
ICC hence most of the mandatory tests do not need to go online however an
online terminal may attempt to go online to complete the transaction. While the
use of a test host is outside the scope of this document, in this version there are
a few mandatory tests that need to go online for ARQC validation using a test
host or host simulator. (For the optional tests in section ‘Terminal to Acquirer
Host testing’, the user will need a test host).
This is the final stage of certification process to test all the certified components together end to
end. The process and test cases are defined in the Certification Guide Volumes 1 – 3.
The following table contains an example as to how the terminal may be configured for the
certification process. If a data element needs to be a specific value due to the specification or to
ensure that testing can be fully performed will be highlighted in blue:
Certification Authority 01
Hash Algorithm Indicator
Certification Authority 01
Public Key Algorithm
Indicator
- Administrative transactions
- Numeric Keys
- Command Keys
- Print – Attendant
- Display – Attendant
The following section details all the tests applicable for Terminal Application Certification.
Terminals are not required to execute all tests, as they may not support the required
functionality. For each test the required Terminal Configuration is detailed i.e. for the tests
testing PSE functionality the Terminal Configuration is that the terminal supports PSE, if it
doesn’t then the test is not executed on that terminal. Appendix A details the tests that are
applicable for each terminal type, which are mandatory for ABMs and POS, and also details the
optional tests.
4.1 Selection
The following test cases test the application selection functionality of the terminal
application under test.
Objective To ensure that the terminal can select the Interac application
using full name selection
Terminal All
Configuration
Objective To ensure that the terminal can select the Interac application
using partial name selection
The terminal shall support full name selection, and partial name
selection
Terminal All - the Interac AID has the ASI indicating partial match is
Configuration accepted i.e. the partial AID is “A0000002771010”
Card Profile to As default card 1 except that the beginning of the AID in the
Use card matches the beginning of the Interac AID kept in the
terminal i.e. the partial AID is “A0000002771010” (actual AID is
‘A000000277101001’
Objective To ensure that if the terminal and the card support the Payment
System Environment (PSE) that the Interac application can be
selected using the PSE
Pass Criteria 1. The terminal sends the Select command for the PSE
2. The Interac application should be selected by the
terminal
Objective To ensure that if the terminal and the card support the PSE and
the card has more than one application supported by the
terminal, that the Interac application can be selected using the
PSE
Card Profile to As the default card 1 but containing a PSE and another
Use application supported by the terminal. The Interac application
has priority ‘1’ whereas the 2nd application has a priority of ‘’02’
Pass Criteria 1. The terminal sends the Select command for the PSE.
Objective To ensure that if the terminal and the card support application
selection by PSE but the card and terminal do not have a
mutually supported application then the terminal will attempt to
retrieve a mutually supported application using the list of AIDs.
Card Profile to Default Card 1 contains a PSE, but the Interac application is not
Use contained within the PSE
4.1.7 SELECT07- INTERAC APPLICATION, ICC SUPPORTS PSE, TERMINAL DOES NOT
Objective To check that the terminal checks the Issuer Country code
(‘5F56’) in the list of mutually supported applications and places
the application in the Primary sub-list
Step #1: The terminal shall follow these steps for each
application in the list of mutually supported applications to build
the PRIMARY and SECONDARY sub-list of applications.
Terminal All
Configuration
4.1.9 SELECT13 - CHECK APPLICATION SELECTION FLAG, APPLICATION NOT PERMITTED FOR POS
{POS}
Card Profile to Default Card 1 with the Application Selection Flag (DF62) set
Use as ‘8000’.
There is only 1 mutually supported application – Interac
Application.
The application has the Application Selection Flag present and
has byte 1 bit 8 set and byte 2 bit 8 and 7 not set. The
application has the Issuer Country code (‘5F56’) equal to ‘CAN’
Procedure The card is inserted into the terminal but the application on the
card cannot be used at an POS terminal
Objective To ensure that if there are 2 applications in the card and both
applications are placed into the PRIMARY list that both are
presented to the customer
Objective To ensure that if there are 2 applications in the card with one
defined as a PRIMARY and the other as a SECONDARY and
if the application in the PRIMARY is blocked that the other
application is not offered for selection
Card Profile to Use Card 6 without the Application Selection Flag (DF62) and
blocked at final selection, however, this card will contain a
second application with DF62 = ‘0040’.
Pass Criteria The terminal should terminate the transaction after the
selection phase without offering an application for Selection
4.1.12 SELECT26 - CHECK APPLICATION SELECTION FLAG, APPLICATION NOT PERMITTED FOR ABM
{ABM}
Card Profile to Use Default Card 1. There is only 1 mutually supported application
– Interac Application.
The application has the Application Selection Flag present and
has byte 2 bit 8 set and byte 1 bit 8 is not set.
The application has the Issuer Country code (‘5F56’) equal to
‘CAN’
Procedure The card is inserted into the terminal but the application on the
card cannot be used at an ABM terminal
4.1.13 SELECT32 – APPLICATIONS PLACED IN PRIMARY ARE OFFERED FOR SELECTION {ABM}
Objective To ensure that if there are 2 applications in the card and both
applications are placed into the PRIMARY list that both are
presented to the customer
Card Profile to Use Card 6. There are 2 mutually supported applications App1 and
App2.
App1 does not contain the Application Selection and has
priority ‘1’.
App2 has the Application Selection Flag with byte 1 bit 8 set
for PRIMARY application at ABM terminals and has the Issuer
Country code (‘5F56’) equal to ‘CAN’
Objective To ensure that if there are 2 applications in the card with one
defined as a PRIMARY and the other as a SECONDARY and
if the application in the PRIMARY is blocked that the other
application is not offered for selection
Card Profile to Use Card 6. There are 2 mutually supported applications App1 and
App2
App1 does not contain the Application Selection Flag and is
blocked at final selection.
App2 has the Application Selection Flag with byte 1 bit 7 set
for SECONDARY application at ABM terminals and has the
Issuer Country code (‘5F56’) equal to ‘CAN’
Pass Criteria The terminal should terminate the transaction after the
selection phase without offering a final application Selection
Step #1: The terminal shall follow these steps for each application
in the list of mutually supported applications to build the PRIMARY
and SECONDARY sub-list of applications.
Objective To check that if the card has more than one application
supported by the terminal, the terminal checks the Application
Selection Flag if the Issuer Country code (‘5F56’) is present
and equal to “CAN” and if the Application Selection Flag
indicates that the other application cannot be used at POS
terminals as a PRIMARY application or SECONDARY
application then only the application with bit 8 set is placed in
the PRIMARY list.
Step #1: The terminal shall follow these steps for each application
in the list of mutually supported applications to build the PRIMARY
and SECONDARY sub-list of applications.
Terminal All
Configuration
Objective To check that if the card has more than one application
supported by the terminal, the terminal checks the Application
Selection Flag if the Issuer Country code (‘5F56’) is present
and equal to “CAN” and if the Application Selection Flag
indicates that the other application cannot be used at POS
terminals as a PRIMARY application or SECONDARY
application then only the application with bit 8 set is placed in
the PRIMARY list.
Step #1: The terminal shall follow these steps for each application
in the list of mutually supported applications to build the PRIMARY
and SECONDARY sub-list of applications.
Terminal All
Configuration
Objective To check that if the card has more than one application
supported by the terminal, the terminal checks the Application
Selection Flag if the Issuer Country code (‘5F56’) is present
and equal to “CAN” and if the Application Selection Flag
indicates that Interac application cannot be used at POS
terminals as a PRIMARY application or SECONDARY
application then only the application with bit 8 set is placed in
the PRIMARY list.
Step #1: The terminal shall follow these steps for each application
in the list of mutually supported applications to build the PRIMARY
and SECONDARY sub-list of applications.
Objective To ensure that if there are 2 applications in the card and the
2nd application is placed in the SECONDARY list only the 1st
application is available for selection from the PRIMARY list.
Step #1: The terminal shall follow these steps for each application
in the list of mutually supported applications to build the PRIMARY
and SECONDARY sub-list of applications.
Case 5: Card 10
Case 6: Card 12
Objective To ensure that the terminal can select the Interac application if
it is the only mutually supported application, terminal checks the
Issuer Country code (‘5F56’) is equal to “CAN” (If present) and
the Application Selection Flag indicates that the application
can be used at the terminal as a PRIMARY application or
SECONDARY application (if present).
Step #1: The terminal shall follow these steps for each application in
the list of mutually supported applications to build the PRIMARY and
SECONDARY sub-list of applications.
Terminal All
Configuration
4.1.21 SELECT44 - INTERAC APPLICATION, APPLICATION PERMITTED FOR ABM ONLY {ABM}
Objective To ensure that the terminal can select the Interac application if
it is the only mutually supported application, terminal checks
the Issuer Country code (‘5F56’) is equal to “CAN” and the
Application Selection Flag indicates that the application can be
used at ABM terminal as a PRIMARY application or
SECONDARY application
Step #1: The terminal shall follow these steps for each application in
the list of mutually supported applications to build the PRIMARY and
SECONDARY sub-list of applications.
Step #2: Once the list of mutually supported applications has been
processed, the PRIMARY and SECONDARY sub-lists processing
shall be conducted as follows:
4.1.22 SELECT45 - INTERAC APPLICATION, APPLICATION PERMITTED FOR POS ONLY {POS}
Objective To ensure that the terminal can select the Interac application if
it is the only mutually supported application, terminal checks
the Issuer Country code (‘5F56’) is equal to “CAN” and the
Application Selection Flag indicates that the application can be
used at POS terminal as a PRIMARY application or
SECONDARY application
Step #1: The terminal shall follow these steps for each application in
the list of mutually supported applications to build the PRIMARY and
SECONDARY sub-list of applications.
Objective To ensure that if there are 2 applications in the card and the
2nd application is placed in the SECONDARY list only the 1st
application is available for selection from the PRIMARY list.
Case 5: Card 10
Case 6: Card 11a
These tests identified are to ensure that when a card is inserted into the terminal it is
processed by the correct means i.e. if it is an ICC card the chip data is used in the
transaction and not the magnetic stripe data.
4.2.1 CARD01 – ICC READ NOT MAGNETIC STRIPE (SERVICE CODE BEGINS WITH A ‘2’)
Objective To ensure that the terminal uses the chip as opposed to the
magnetic stripe when the IFD of a terminal combines both the
IC reader and the magnetic stripe reader and the magnetic
stripe on the card has a service code beginning with a “2”
Pass Criteria The terminal should use the chip interface and send all the
commands for an EMV transaction including:
• Select command.
• GPO command
• Read Records
• Generate AC
4.2.2 CARD02 – ICC READ NOT MAGNETIC STRIPE (SERVICE CODE BEGINS WITH A ‘6’)
Objective To ensure that the terminal uses the chip as opposed to the
magnetic stripe when the IFD of a terminal combines both the
IC reader and the magnetic stripe reader and the magnetic
stripe on the card has a service code beginning with a “6”
Pass Criteria The terminal should use the chip interface and send all the
commands for an EMV transaction including:
• Select command.
• GPO command
• Read Records
• Generate AC
These tests are to ensure that the terminal supports the functions identified in the Terminal
Specifications.
Objective To ensure that the terminal supports all functions necessary for an
EMV Transaction. In order to initiate application processing and to
read the data from the card the terminal must send the Get
Processing command and issue the appropriate Read Records
Terminal All
Configuration
Procedure The card is inserted into the terminal and transaction performed
Pass Criteria The terminal should send the Get Processing command after the
final selection of the Interac application and issue the Read
Records as specified in the AFL returned by the card
Terminal All
Configuration
Card Profile to Card containing a PDOL with the data element ‘9F02’ –
Use Amount Authorised
Pass Criteria The terminal should send the Get Processing command
containing the amount of the transaction – amount should not
be zero if the terminal type is ‘2x’
Objective If the terminal is an on-line only terminal and it does not support
Offline Data Authentication should set the “Data Authentication
was not performed” bit in the TVR to ‘1’
Procedure The card is inserted into the terminal and transaction performed
Pass Criteria The terminal should set byte “1” bit “8” - Data authentication was
not performed in the TVR to 1 in the first Generate AC command
Card Profile to Use Card 3 - Card supporting enciphered offline PIN. CAPK Index
“07”
Card Profile to Use Card 3 - Card with offline enciphered PIN in the CVM
Pass Criteria The card should receive a Get Challenge command prior to
the verify for offline enciphered PIN
Objective To ensure that the ABM floor limit is set to zero to ensure that
all transactions go online
Card Profile to Use Default Card 1 with Terminal Risk Management supported set
in the AIP and PDOL contains floor limit
Procedure The card is inserted in the terminal and the transaction should
be performed with the minimum amount allowed by the ABM
Pass Criteria The terminal should request an ARQC and the first 4 bytes of
the PDOL should contain the Terminal Floor limit = ‘00000000’
Objective To ensure that the POS floor limit is set to zero to ensure
that all transactions go online
Pass Criteria The terminal should request an ARQC and the first 4 bytes
of the PDOL should contain the Terminal Floor limit =
‘00000000’
Objective To ensure that if both the terminal and the card support a common
method of offline data authentication (i.e. SDA), the terminal shall
perform SDA validation
Procedure The card is inserted into the terminal and transaction performed,
Pass Criteria SDA Validation is successful, and the following conditions are met:
1. The terminal should set TVR byte “1” bit “8” to ‘0’ Data
authentication was not performed)
2. TVR byte “1” bit “7” should be ‘0‘(SDA failed)
3. The terminal should set TVR byte “1” bit “2 “to “1” SDA
selected)
Objective To ensure that If both the terminal and the card support a common
method of offline data authentication (i.e. SDA), the terminal shall
perform SDA Validation
Card Profile to Card 2- Supporting SDA with CA Public Key Index and Interac RID
Use missing
Procedure The card is inserted into the terminal and transaction performed
Pass Criteria SDA Validation failed and the following conditions are met:
1. The terminal should set TVR byte “1” bit “8” to ‘0’ (Data
authentication was not performed)
2. The terminal should set TVR, “SDA failed”, byte “1” bit “7” to
‘1‘failed)
3. The terminal should set TSI byte 1, bit 8 = '1' (Offline Data
Authentication was performed) in the first Generate AC
command
Objective To ensure that if the terminal supports enciphered Offline PIN, and if
no CA Public Keys is available for Interac RID and CA Public Key
Index, the terminal fails enciphered offline pin verification.
Procedure The card is inserted into the terminal and transaction performed
Pass Criteria 1. The terminal should set TVR byte 3, bit 8 = '1' (Cardholder
verification was not successful) in the first Generate AC
command.
2. The terminal should set TSI byte 1, bit 7 = '1' (Cardholder
verification was performed) in the first Generate AC command.
3. The terminal shall set the CVM Results to “040001” indicating
Offline Enciphered PIN was unsuccessful.
4. The terminal should decline the transaction.
Objective To ensure that If both the terminal and the card support a common
method of offline data authentication (i.e. CDA), the terminal shall
perform CDA validation. Use CAPK Index “07”, 1984-bit key.
Card Profile to Card 8- Card supporting CDA, CAPK index “07”, 1984-bit key
Use
Procedure The card is inserted into the terminal and transaction performed,
Pass Criteria CDA Validation is successful, and the following conditions are met:
1. The terminal should set TVR byte “1” bit “8” to ‘0’ Data
authentication was not performed)
2. TVR byte “1” bit “3” should be ‘0‘(CDA passed)
Objective To ensure that If both the terminal and the card support a common
method of offline data authentication (i.e. CDA), the terminal shall
perform CDA validation.
Card Profile to Card 8 - Card supporting CDA with tag 8F set to ‘AA’
Use
Procedure The card is inserted into the terminal and transaction performed.
Terminal requests ARQC with CDA at 1st GENERATE AC
Pass Criteria CDA Validation fails, and the following conditions are met:
1. The terminal should set TVR byte “1” bit “8” to ‘0’ (Data
authentication was not performed)
2. The terminal should set TVR, byte 1, bit 3 = '1'(CDA failed) in
the first Generate AC command.
3. The terminal should set TSI byte 1, bit 8 = '1' (Offline Data
Authentication was performed) in the first Generate AC
command.
Objective To ensure that If both the terminal and the card support a common
method of offline data authentication (i.e. CDA), the terminal shall
perform CDA validation. Use CAPK index “03” 1408-bit key.
Card Profile to Card 8a- Card supporting CDA – CAPK index “03”, 1408-bit key
Use
Procedure The card is inserted into the terminal and transaction performed,
Pass Criteria CDA Validation is successful, and the following conditions are met:
3. The terminal should set TVR byte “1” bit “8” to ‘0’ Data
authentication was not performed)
4. TVR byte “1” bit “3” should be ‘0‘(CDA passed)
Objective To ensure that If both the terminal and the card support a
common method of offline data authentication (i.e. DDA), the
terminal shall perform DDA validation.
Objective To ensure that If both the terminal and the card support a
common method of offline data authentication (i.e. DDA), the
terminal shall perform DDA validation.
Card Profile to Use Card 4- Card supporting DDA with tag 8F set to ‘AA’
Pass Criteria 1.The terminal should set TVR byte “1” bit “8” to ‘0’ (Data
authentication was performed) in the first Generate AC
command.
2. The terminal should set TVR byte ‘1’ bit ‘4’ to ‘1’ (DDA did
not pass)
3. The terminal should set TSI byte ‘1’ bit ‘8’ to ‘1’ (Offline Data
Authentication was performed
Objective To ensure that if both the terminal and the card support a
common method CVM from the CVM List, and if the CVM List
Card Profile to Use Card 1 (CVM List is 00000000 00000000 0403 0103 0203)
as default with
- PIN Try Counter “2”.
- 1st Generate AC returns an ARQC
- CDOL1 contains the CVM Results (‘9F34’)
Pass Criteria 1. The terminal prompts for PIN entry and an incorrect PIN is
entered
2. The Verify command [for enciphered PIN] should be sent to the
card.
3. Offline Enciphered PIN fails
4. PIN Try Counter is decremented to “1”.
5. The terminal prompts for PIN entry and an incorrect PIN is
entered
6. The Verify command [for enciphered PIN] should be sent to the
card.
7. Offline Enciphered PIN fails again.
8. PIN Try Counter is now “0”.
9. Terminal
Objective To ensure that if both the terminal and the card support a
common method CVM from the CVM List, and if the CVM List
indicates to apply succeeding CVM, the terminal fails
enciphered PIN verification when the PIN Try Limit has been
exceeded.
Pass Criteria 1. The terminal prompts for PIN entry and an incorrect PIN is
entered
2. The Verify command [for enciphered PIN] should be sent to the
card.
3. Offline Enciphered PIN fails
4. PIN Try Counter is decremented to “1”.
5. The terminal prompts for PIN entry and an incorrect PIN is
entered
6. The Verify command [for enciphered PIN] should be sent to the
card.
7. Offline Enciphered PIN fails again.
8. PIN Try Counter is now “0”.
9. Terminal
a. Shall attempt the next CVM on the CVM List (Offline
plaintext PIN)
b. Shall not prompt for PIN entry again because PIN Try
Counter is ‘0’.
c. Shall set the “PIN Try Limit exceeded’ bit in the TVR to
1.
d. Shall set the CVM Results to “010301” indicating Offline
Enciphered PIN has failed.
Objective To ensure that If both the terminal and the card support a common
method CVM from the CVM list, and the CVM Lists indicates to
apply succeeding CVM, the next CVM is applied.
Procedure The card is inserted into the terminal and transaction performed.
Pass Criteria 1. The terminal determines that the retrieval of the public key to
be used for encipherment of the PIN has failed
2. The terminal prompts for a PIN and a correct PIN is entered
3. The terminal shall send a Verify command [for plaintext PIN] to
the card based on the succeeding CVM in the CVM list.
4. Offline Plaintext PIN verification is successful
Objective To ensure that If both the terminal and the card support a common
method CVM from the CVM list, and the CVM Lists indicates to
apply succeeding CVM, the next CVM is applied.
Procedure The card is inserted into the terminal and transaction performed.
Pass Criteria 1. The terminal prompts for a PIN and a correct PIN is entered
2. The terminal shall send a Verify command [for enciphered PIN].
3. Offline enciphered PIN verification is successful.
4. The terminal shall set the CVM Results to “440302” indicating
Offline enciphered PIN was successful.
These tests are to test that a minimum set of Data Elements are resident in the terminal.
Terminal All
Configuration
Card Profile to As default but the Select command contains a PDOL with the
Use following data items:
- 9F40 9F33 9F35 9F41in that order
Pass Criteria In the Get Processing Option command the terminal should
send valid data values for the 4 data elements 9F40, 9F33,
9F35 and 9F41.
The data elements listed are mandatory for Interac Debit and
Interac Cash ICC transactions. The data elements that must
reside in the POS or ABM terminal.
Terminal All
Configuration
Card Profile to As default but the Select command contains a PDOL with the
Use following data items:
- 9F02 9F03 9F06 9F09 9F34 in that order
Pass Criteria In the Get Processing Option command the terminal should
send valid data values for the data elements 9F02 9F03 9F06
9F09 9F34
The data elements listed are mandatory for Interac Debit and
Interac Cash ICC transactions. The data elements that must
reside in the POS or ABM terminal.
Terminal All
Configuration
Card Profile to As default but the Select command contains a PDOL with the
Use following data items:
- 9F22 9F39 9F1A 9F1C 95 in that order
Procedure The card is inserted in the terminal and a transaction is
performed
Pass Criteria In the Get Processing Option command the terminal should
send valid data values for the data elements 9F22 9F39 9F1A
9F1C 95
The data elements listed are mandatory for Interac Debit and
Interac Cash ICC transactions. The data elements that must
reside in the POS or ABM terminal
Terminal All
Configuration
Card Profile to As default but the Select command contains a PDOL with the
Use following data items:
- 5F2A 9A 9B 9F21 9C 9F37 in that order
Pass Criteria In the Get Processing Option command the terminal should
send valid data values for the data elements 5F2A 9A 9B 9F21
9C 9F37
Objective If the CVM performed fails, then the terminal sets the CVM
Results data item appropriately
The terminal shall set the CVM results (tag ‘9F34’) as follows:
Byte 1: CVM Method Codes
The CVM Method Codes of the CVM actually
performed by the
terminal (first byte of the last CVM performed)
Pass Criteria The first Generate AC command returns the following value for
CVM Results.
- ‘010001’
Objective If the CVM performed fails, then the terminal sets the CVM
Results data item appropriately
The terminal shall set the CVM results (tag ‘9F34’) as follows:
Byte 1: CVM Method Codes
The CVM Method Codes of the CVM actually
performed by the
terminal (first byte of the last CVM performed)
Byte 2: CVM Condition Codes
The CVM Conditions Codes of the CVM actually
performed by
the terminal (second byte of the last CVM performed)
Byte 3: CVM Results
Result of the (last) CVM performed as known by the
terminal:
’00’ = Unknown
’01’ = Failed
’02’ = Successful
Pass Criteria The first Generate AC command returns the following value for
CVM Results.
- ‘020000’
Objective If the CVM performed fails, then the terminal sets the CVM
Results data item appropriately
The terminal shall set the CVM results (tag ‘9F34’) as follows:
Byte 1: CVM Method Codes
The CVM Method Codes of the CVM actually
performed by the
terminal (first byte of the last CVM performed)
Byte 2: CVM Condition Codes
The CVM Conditions Codes of the CVM actually
performed by
the terminal (second byte of the last CVM performed)
Byte 3: CVM Results
Result of the (last) CVM performed as known by the
terminal:
’00’ = Unknown
’01’ = Failed
’02’ = Successful
Pass Criteria The first Generate AC command returns the following value for
CVM Results.
- ‘010002’
Objective The data element Point of Service (POS) Entry Mode Code is set
correctly if the ICC is read
Terminal All
Configuration
Card Profile to Use As default with PDOL requesting the POS Entry Mode Code
Pass Criteria The Get Processing Options command returns the value of the POS
Entry Mode (‘9F39’) as ‘05’.
This section has identified some tests for the Cardholder Interface.
Terminal All
Configuration
Terminal All
Configuration
Terminal All
Configuration
Objective If the terminal does not support the 1st language in the
Language Preference list on the IC then the 2nd Language
should be used
Terminal All
Configuration
This section describes further tests identified from the Terminal Specifications.
Terminal All terminals which reads the magnetic stripe and chip together
Configuration [ICS 1.5 = YES]
Card Profile to Use Default but the chip is faulty - Card does not respond to ATR
Pass Criteria The transaction should go online using the magnetic stripe
data
Pass Criteria 1. The terminal should prompt the user to swipe the
card.
2. The transaction should go online using the magnetic
stripe data.
Terminal
Configuration MTI =01 and MCC = 4111
[ICS 1 = Yes and 5 = YES]
SubCase 02:
Terminal submits store and Forward transaction to the
Acquirer
Pass Criteria CDA Validation fails, terminal does not store or send
transaction and should display or signal a decline that rider is
not permitted entry.
Terminal
Configuration MTI =01 and MCC = 4111
[ICS 1 = Yes and 5 = YES]
This section will be enhanced with further tests once End-To-End testing has been fully
defined. It is recommended that the following tests should be performed as part of the
certification process.
Objective When the terminal receives an ARQC in the response of the 1st
Generate AC then the online authorisation request must send
the ARQC received from the card in the message
Terminal All
Configuration
Procedure The card is inserted into the terminal and transaction performed
Pass Criteria The ARQC received by the terminal from the card should be the
same one transmitted to the Host
Objective When the terminal receives an Issuer Script from the Host the
terminal sends it to the card
Terminal All
Configuration
Card Profile to Use Default Card 1 returning ARQC in response to first Generate
AC command and accepting a PIN Unblock or Application
Block script command
Pass Criteria The card should receive an Issuer Script command after the
2nd Generate AC command
Objective When the terminal receives an Issuer Script from the Host the
terminal sends it to the card
Terminal All
Configuration
Card Profile to Use Default Card 1 - Returning ARQC in response to first Generate
AC command and accepting a PIN Unblock or Application
Block script command
Pass Criteria The card should receive an Issuer Script command before the
2nd Generate AC command
Terminal All
Configuration
Pass Criteria The card should receive all Issuer Script commands sent from
the Issuer after the 2nd Generate AC command
Terminal All
Configuration
Pass Criteria The card should receive all Issuer Script commands sent from
the Issuer before the 2nd Generate AC command
Objective The terminal should send a reversal to the host if the card
returns an AAC to the second Generate AC command even
though the Issuer approved the transaction
Pass Criteria 1. The card should receive the 1st and 2ndGenerate AC
commands
2. The 2nd Generate AC command received by the
card should be for a TC, but the card returns an
AAC
3. The terminal should send a reversal
Objective If the chip is faulty and the card is and if the service code on
the magnetic stripe starts with a ‘2’ or a ‘6’, the terminal should
set the appropriate value in the POS Entry Mode data
element, the Issuer should decline
Terminal All
Configuration
Card Profile to Use Default but the chip is faulty - Card does not respond to ATR
Pass Criteria The transaction should go online using the magnetic stripe
data and the POS Entry Mode data element sent to the host
should be set accordingly.
Objective To ensure that the Terminal shall either print a Transaction Record
automatically or offer and provide it at the Cardholder’s request and
must be provided upon completion of the Transaction.
Pass Criteria The Transaction record shall contain the following minimum
information. The order in which this information is printed is a
proprietary matter:
1) the local time at the POS Terminal and date of the Transaction;
2) the Issuer Authorization number;
3) a unique Terminal number that performed, or requested the
Transaction (optional);
4) retailer’s trade name and store location (optional);
5) the type of Transaction, (for example, purchase, correction or
credit);
Objective To ensure that the POS Terminal shall either print a Transaction
Record automatically or offer and provide it at the Cardholder’s
request and must be provided upon completion of the Transaction,
regardless of the Transaction’s final status
1) the local time at the IDP Terminal and date of the Transaction;
2) a unique Terminal number that performed, or requested the
Transaction (optional);
3) retailer’s trade name and store location (optional);
4) the type of Transaction, (for example, purchase, correction or
credit);
5) the amount of the Transaction and account type (for example
savings, chequing) being credited or debited;
6) a Retrieval Reference Number (optional);
7) the last 4 digits of the PAN read electronically from the Card.
8) the disposition of the Transaction (for example, approved or
declined);
9) the amount of any Surcharge charged by the Acquirer (optional);
10) Transaction Records for Chip-initiated Transactions must contain
the AID of the INTERAC Application.
11) POS entry mode
12) The Transaction Record shall not contain any confidential,
financial or personal Cardholder information other than the data
elements listed above
Contact kernel Application name and version: Payment application name and version:
3 ODA Capability
3.1 Supports Static Data Authentication and Dynamic Mandatory for offline only or online
Data Authentication capable POS Terminals
4 Support PSE
5 Supports Transit Open Payments If ‘Yes’ CDA on ARQC is mandatory
MTI=01 and MCC=4111
6 Indicate if the device is SCRP If ‘Yes’ PCI COTS Certification is
mandatory
SCRP (Secure Card Reader – PIN) is a PTS approval class that
For Interac Information only
supports PIN entry on COTS devices
No Functional test cases in the checklist
Appendix A
(Software-Based PIN Entry on COTS (SPOC) Solutions enable EMV
contact transactions with PIN entry on the merchant's consumer
device using a secure PIN entry application in combination
with a Secure Card Reader for PIN (SCRP)
The tables below detail the tests that must be performed on the terminal depending what is
supported. There is a table of Mandatory tests for POS terminals and a table of
Mandatory Tests for ABM terminals. It the terminal supports Selection using PSE then the
tests in section ‘POS Terminals supporting PSE Selection’ (if the terminal is a POS)
must also be executed.
The last table is a table of OPTIONAL tests that must also be executed against a POS
terminal if it supports offline transactions.
The tests in the table below should be performed on all POS terminals:
The following tables should be executed if the terminal supports the functionality.
If the POS terminal supports Offline Data Authentication [SDA], then the following test
needs to be performed in addition to the tests above for POS terminals:
If the POS terminal supports Offline Data Authentication [SDA], then the following test
needs to be performed in addition to the tests above for POS terminals:
If the POS terminal supports Offline Data Authentication [CDA], then the following test
needs to be performed in addition to the tests above for POS terminals:
6.2.4 POS TERMINAL WITH COMBINED CHIP / MAGNETIC STRIPE READER [ICS 1.5 = YES]
If the POS terminal has a combined Magnetic stripe / chip reader, then the following test needs
to be performed in addition to the tests above for POS terminals:
6.2.5 POS TERMINAL WITH SEPARATE MAGNETIC STRIPE READER [ICS 1.7 = YES]
If the POS terminal has a separate Magnetic stripe / chip reader, then the following test needs
to be performed in addition to the tests above for POS terminals:
If the POS terminal supports PSE selection, then the following tests are mandatory and need to
be performed in addition to the tests above for POS terminals:
If the POS terminal does not support PSE selection, then the following test needs to be
performed in addition to the tests above for POS terminals:
TEST Pass / Fail Comment
Select07
6.2.8 POS TERMINAL DOES NOT SUPPORT OFFLINE DATA AUTHENTICATION [ICS 1.1= YES AND ICS 3 =
NO]
If the POS terminal does not support Offline Data Authentication, then the following test
needs to be performed in addition to the tests above for POS terminals:
If the POS terminal supports online PIN, then the following test should be performed in addition
to the tests above for POS terminals (a host connection is required for this optional test):
If the POS terminal supports Transit Open Payments, then the following tests should be
performed in addition to the tests above for POS
The tests in the table below should be performed on all ABM terminals:
Organization Name: Certification Date:
The following tables should be executed if the terminal supports the functionality.
6.4.1 ABM TERMINAL DOES NOT SUPPORT OFFLINE DATA AUTHENTICATION [ICS 3 = ‘NO]
If the terminal is an ABM and it does not support Offline Data Authentication, then the following
test must be performed:
If the terminal is an ABM and it supports Offline Data Authentication, then the following
tests must be performed:
If the terminal is an ABM and it supports Offline Data Authentication, then the following
tests must be performed:
If the terminal is an ABM and it supports Offline Data Authentication, then the following
tests must be performed:
If the ABM terminal supports PSE selection, then the following tests need to be performed in
addition to the tests above for ABM terminals:
6.4.6 ABM TERMINAL DOES NOT SUPPORT PSE SELECTION [ICS 4 = ‘NO’]
If the ABM terminal does not support PSE selection, then the following test needs to be
performed in addition to the tests above for ABM terminals:
If the ABM terminal supports offline PIN then the following tests needs to be performed in
addition to the tests above for ABM terminals:
This section is detailing the card profiles to be used by the test tool in order to perform the
tests in this guide.
The majority of the testing will be tested against the base card configuration. Some of the
tests will change / add / remove values from the base configuration in order to test specific
functionality i.e.
Language Preference may change Data Elements added to CDOL so that the terminal can
log certain data element values, but the majority of the card profile will remain the same.
The test case will state which of the data elements needs a different value or element
adding (if different from the base card).
The PAN (tag 5A) and Track 2 equivalent data (tag 57) are suggested values. Tool
implementer can choose to use other values
or
‘91 0A 8A 02 95 05 9B 02’
Cardholder Name (5F20) “Test Card 1”
Certification Public Key ‘07’
Index
CVM List (8E) ’00 00 00 00 00 00 00 00 04 03 01 03
02 03’
ICC PIN Encipherment ’04AD4F9DC046FD7488920CB34BC
Public Key Certificate BB801350BD08F1330F3078F5D3A8
(‘9F2D’) B8FEA1B7E44E6E20ECC99A51045
56521B5A1FBCFC353BCA6945FB29
765906A5BDE92221EF859652655B
EA34D450D9C50DCEA353EB8577E
FB507E32A22C582E780166E28626
C6C7CF7705B940BE73CDFAC8DF
DF944BFF6454E59DE222A4013C02
D11859680948DD86621F70D235A2
3A021393D5427’
ICC PIN Encipherment ‘010001’
Public Key Exponent
(‘9F2E’)
ICC PIN Encipherment ’3DE7243E95903F6506FFDFFC170E
Public Key Remainder 6E3C93FD8E3E8829F4CCA549’
(‘9F2F’)
Issuer Public Key 1935B30D499CD477F02D09006E81
Certificate (90) 778414C49D0EADE98CB8BAE3D7B
547E7B9302F5FFF5D6F6AB129E87
B756AA88221C0E1C5DE9A76711B3
E631008ABC9F1527455F2343FD9E
77346B621A19671BF9A5FFC31D94
D5AE8E777622340A2E5E81FBE8C9
F064710AD96C0B69E97CBC7EA85
7A1CE1366C7977D2C20B31E1EDF
64D923D56EE74CAACA481EDF578
63F170F648DB1B90F718BA7547E5
B3BD71E68263B630B76C7DFA3C1
03CCD981D89668C45750499F579E
This card is as per the default card except that the data elements below are needed in
order for the terminal to perform SDA
This card is as per the default card except that the data elements below are needed in
order for the terminal to perform enciphered PIN Offline.
As per card image 1 but with the additional / changed data elements so that DDA can be
performed:
As per the default card image but PSE is supported on the card
As per the default card image but a further AID will be contained on the card. This AID can
be any AID supported by the terminal (i.e. a VISA AID or a Mastercard AID for example)
This card is as per the default card except that the data elements below are needed in
order for the terminal to perform enciphered PIN Online
The card as per default card 1 with PSE containing another AID ‘A0 00 00 00 03 80 10'
Interac and Visa Plus
Card containing 2 AIDS – INTERAC AID and Credit Card. The Credit Card AID can be any
AID supported by the terminal (i.e. a VISA Credit Card AID or a Mastercard Credit AID)
Except as permitted by law, no part of this document may be reproduced or transmitted by any process or means without prior
written consent of Interac Corp.
Published by Interac Corp, Royal Bank Plaza, North Tower, 200 Bay Street, Suite 2400, P.O. Box 45, Toronto, ON, M5J 2J1