|
Command: |
Validate an ARQC (or TC/AAC) and, optionally, generate an ARPC. Alternatively, the command can be used to generate an ARPC alone. This function is a general purpose command which will validate an ARQC, TC or AAC. |
|
Notes: |
Diagnostic data is produced by this command only if the HSM is in Authorised State. It is the responsibility of the host system to add any scheme specific padding data to the end of the supplied data prior to submission to the HSM. For some schemes this means appending a byte containing hex 80 to the end of the data. If the data supplied by the host is a multiple of 8 bytes, this command adds no further padding data. |
|
Field |
Length & Type |
Details |
|
COMMAND MESSAGE |
||
|
Message header |
m A |
(Subsequently returned to the Host unchanged). |
|
Command code |
2 A |
Value KQ. |
|
Mode Flag |
1 N |
Mode of operation: 0 = Perform ARQC verification only 1 = Perform ARQC Verification and ARPC generation 2 = Perform ARPC Generation only |
|
Scheme ID |
1 N |
Identifier of the EMV scheme; 0 = Visa VSDC or UKIS 1 = Europay or MasterCard M/Chip |
|
*MK-AC(LMK) |
32H or 1A+32H |
The Issuer Master Key for Application Cryptograms encrypted under Variant 1 of LMK pair 28-29. |
|
IV |
16B |
IV for EMV 2000 Application Cryptogram session key derivation |
|
PAN/PAN Sequence No |
8 B |
Pre-formatted PAN/PAN Sequence No. |
|
ATC |
2 B |
Application Transaction Counter. Present for all modes. Any two byte value must be supplied, though it is not used, for Scheme ID = 0. |
|
UN |
4 B |
Unpredictable Number. Present for all modes. Any four byte value must be supplied, though it is not used, for Scheme ID = 0 |
|
Transaction Data Length |
2 H |
Length of next field. Can be any length from 1 to 255 bytes. Only present for Modes 0 and 1. |
|
Transaction Data |
n B |
Variable length data. Only present for Modes 0 and 1. If the data supplied is a multiple of 8 bytes, no extra padding is added. If it is not a multiple of 8 bytes additional zero padding is added. |
|
Delimiter |
1A |
Delimiter, to indicate end of Transaction Data, value “;”. Only present for Modes 0 and 1. |
|
ARQC/TC/AAC |
8 B |
ARQC/TC/AAC to be validated and/or used for ARPC generation. Present for both Mode 0,1 and 2. |
|
ARC |
2 B |
Authorization Response Code to be used for ARPC Generation. Not required for Mode 0. Must be present for Mode 1 and Mode 2. |
|
End message delimiter |
1 C |
Optional. Must be present if a message trailer is present. Value X’19. |
|
Message trailer |
n A |
Optional. Maximum length 32 characters. |
|
Field |
Length & Type |
Details |
|
RESPONSE MESSAGE |
||
|
Message header |
m A |
Returned to the Host unchanged. |
|
Response code |
2 A |
Value KR. |
|
Error Code |
2 N |
00 : No error 01 : ARQC/TC/AAC verification failed 04 : Mode Flag not 0, 1 or 2 05 : Unrecognised Scheme ID 10 : MK parity error 12 : No keys in user storage 13 : LMK parity error 15 : Error in input data 21 : Invalid user storage index 80 : Data length error 81 : Zero length Transaction Data |
|
ARPC |
8 B |
The calculated ARPC. Only present for Modes 1 and 2 if no error is encountered. |
|
Diagnostic data |
8 B |
Calculated ARQC/TC/AAC returned only if the error code is 01 and the HSM is in Authorised State. |
|
End message delimiter |
1 C |
Present only if present in the command message. Value X’19. |
|
Message trailer |
n A |
Present only if present in the command message. Maximum length 32 characters. |