Advice Required response from EMV card?

3
votes

I am trying to communicate with a SAM which apparently is implemented according to EMV specifications. The developer does only refer me to EMV books whenever I ask them a question. After limping through the EMV card and terminal specifications, I finally managed to send commands one after the other, and get to the GENERATE CRYPTOGRAM command with CDOL 1. My command looks like this (CDOL1):

80AE40001D0000000000010000000000000364000000000003640B300E001234567800

And here's the card's response:

802B08003280DBD8B5E81B4AF5065B0E038420000000000000000000000F000000000000000000000000000000

Now, am I correctly reading it? ADVICE REQUIRED bit to 1, correct? If that is the case, what happens now? This SAM is supposed to work off-line with only a PIN number and no online connectivity requirements.

1
apduemv

1 Answers

5
votes

Your gen ac command having p1 = 40 , here terminal is requesting an Transaction Certificate (offline transaction) Your response is showing , card is returning with using format 1 - premitive data object with tag equal to 80.

Here response containing :- 1 - Cryptogram Information Data ( 1 byte)
08
2 - Application transaction counter ( 2 byte)
0032
3 - Application cryptogram ( 8 byte)
80DBD8B5E81B4AF5
4 - Issuer Application data ( 32 byte)
065B0E038420000000000000000000000F000000000000000000000000000000

the CID byte indicate which type of cryptogram is returned by the card and here value is 08 - Transaction declined

Actually The CID reveal what kind of Application Cryptogram is returned. It can optionally contain an advice message if the transaction will rejected.

for more about advice message , how it process between card and terminal, look EMV book 2 and 3 (6.3.7 -card action analysis)
this is what your command response is indicating. hope it helps, if you have any other query , please share.