EMV Public Cap Keys, Parameters, and Reports
Below are two configuration files the payment application (or support systems for the payment applications) needs to load into the EMV PIN pad terminal:
EMV Cap Keys: the public EMV keys for each AID supported by the TPP and the terminal.
EMV Parameters: the TPP settings the EMV kernel uses to determine the EMV processing rules.
EMV Key Load Process
Every EMV chip is issued with public and private keys that enable it to support the EMV Protocol. There are multiple keys for each of the schemes / brands for all of the applications they support (their AIDs). In order to support this, EMVCo distributes the keys in a single EMV Cap Key file.
The Elavon Gateway provides EMV Public Key files at the beginning of an integration project and updates as needed (the public keys change about once a year). The file contains the RID associated with the key, the key index, length,modulus, exponent, expiration date and check sum.
The keys should be loaded prior to testing and must be updated within a TPP-specified time period. Refer to your terminal manufacturers guide on instructions for loading EMV Keys.
There are several reports that may be required for certification. If they are not available through PIN pad commands, the payment application should be able to produce similar reports as the POS system. Below are the report requirements.
EMV Key Load Report
The POS must be able to produce an EMV key load report if requested by the EMV card associations or the Elavon Gateway operations team. Below is the format of the Key Load report.
|EMV Key Load Report Header|
|Date||Date of last successful Key load|
|Time||Time of last successful Key load|
|TID||Terminal Identification - unique terminal identifier at the TPP|
|MID||Merchant Identification - unique merchant identifier at the TPP|
|Title||EMV PUBLIC KEY LOAD REPORT|
|EMV Key Load Report Repeated Fields Per Key (this will be repeated 6 times for 6 different EMV public keys as per card associations)|
|RID||First 10 characters of the AID, Application Identifier (EMV Tag 9F06) Format is either ASCII or Hex, confirm with your TPP interface guide.|
|Key Index||Identifies the Certificate Authority’s Public Key in conjunction with the RID (EMV Tag 9F22). Format is either ASCII or Hex, confirm with your TPP interface guide.|
|Key Modulus||Value of the modulus part of the Certificate Authority Public Key. Format is either ASCII or Hex, confirm with your TPP interface guide.|
|Key Exponent||Value of the exponent part of the Certificate Authority Public Key. Format is either ASCII or Hex, confirm with your TPP interface guide.|
|EMV Key Load Report Footer|
|Footer||END OF REPORT|
EMV Parameter Load Process
EMV parameters tell the EMV Kernel what rules the TPP wants to support in the EMV processing. Every TPP has the ability to customize the values in the file. The Elavon Gateway has a single format for the EMV parameter file.
The Elavon Gateway provides EMV parameter files at the beginning of an integration project and as they change going forward. The file contains the TPP parameters that define the EMV Kernel choices for items like supported cardholder verification methods, floor limits, terminal action codes, etc. Some of these values control whether the ICC chip will be allowed to perform offline validation or what the action rules are to require a transaction be declined or go online.
The payment application may wish to support multiple versions / configurations of the EMV Parameters. If they do, each version may either require an additional EMV certification or additional scripts to the EMV certification. Refer to your TPP to identify what configurations they will allow the payment application to support and the impacts of supporting multiple.
EMV Parameter Report
|EMV Parameter Report Header|
|Title||EMV PARAMETERS REPORT|
|TID||Terminal Identification – unique terminal identifier at the TPP
Format ex. Term ID: 001
|MID||Merchant Identification – unique merchant identifier at the TPP
Format ex. Merchant ID: 999999999999
|Time||Time of last successful Parameter load.
Format ex. MM/DD/YYYY : HH:MM:SS
|EMV Parameter Report Repeated Fields Per Brand|
|Sub-Title||Payment Brand Parameters: Visa|
|Application ID 1-6||Application ID 1: A0000000031010
Application ID 2:
Application ID 3:
Application ID 4:
Application ID 5:
Application ID 6:
|Floor Limit||Chip Offline Floor Limit: 0.00|
|Fallback Ind.||Fallback Indicator: Y/N|
|Terminal Action Codes||Terminal Action Code Denial: 0010000000
Terminal Action Code Online: D84004F800
Terminal Action Code Default: D84000A800
This example is missing several parameters (ex.: random selection, terminal type, terminal capabilities, additional terminal capabilities, TDOL, PDOL). Refer to the PIN pad terminal specification to identify what command(s) will generate the necessary report. See insert link here to view the full file format.
EMV Statistic Report
Some TPPs may require an EMV Statistic Report. Check with your TPP integration guide to identify if this report is required for certification.
The basic premise for this report is having the ability to view, search and print EMV statistics since the last batch close. The results should refresh with a successful settlement at the host. This aids in troubleshooting the POS acceptance device.
|EMV Statistic Report|
|Number of chip cards read failures|
|Number of PIN entry errors|
|Number of offline funds declined|
|Number of technical Fallbacks|
EMV Offline Declined Transaction Report
Check your TPP integration guide to identify if this report is required for certification.
The terminal application parameters and the data from the last offline declined transaction must be available on request. This may include DE 55 (a block containing multiple EMV tags in TLV format), the Terminal and Issuer Action Codes, the truncated PAN as printed on the receipt, and Application PAN Sequence Number, if present.
The elements printed include:
|EMV Offline Declined Transaction Report|
|Element||Example or Description|
|Masked Pan||PAN: XXXXXXXX4564|
|Pan Sequence #||PAN SEQ: 01|
|Issuer Action Codes||IAC Default: F040008800
IAC Denial: 0010000000
IAC Online: F040009800
|Terminal Action Codes||TAC Default: D84000A800
TAC Denial: 0010000000
TAC Online: D84004F800
*An alternative option to printing the DE055 block is to list each tag on separate lines. Refer to your TPP specification for details.