When credit cards were first introduced, merchants used mechanical (rather than magnetic) portable card imprinters that required carbon paper to make an imprint. the previous system, a customer typically had to hand their card to a sales clerk to pay for a transaction. The index reveal us which of them we need to process. The next step is to read the Certification Authority Public Key Index from the ICC.
To get the RID we extract the first five bytes of the Application Identifier (AID). Retrieval of Certification Authority Public Keyįor SDA we need first the Registered Application Provider Identifier (RID) to recognize whether we have a MasterCard or Visa Card because both have different public keys. SDA was successful if the IC Terminal verifies the SSAD. If the decryption was successful, the terminal extracts the P1 key to decrypt the SSAD. The Certification Authority Public Key (PCA) is stored in the IC Terminal.įor SDA the terminals decrypt the Issuer PK Certificate with the PCA key. To verify that S1 and P1 are made by the Issuer, the Issuer PK Certificate is signed with a Certification Authority Private Key (SCA). The corresponding Issuer Public Key (P1) will be stored in the Issuer PK Certificate. The Static application data will be signed with the Issuer Private Key (S1) and stored in Signed Application Data (SSAD).
In this figure we see the detailed process of authentication: If it conforms to the specification the data is authentic and has not changed. Every terminal has the public key and can decode the signed data. With the private key the issuer can "sign" critical data on ICC. The pair of keys is divided into a public and a private key. If you encode something with the first key, you can only decode it with the second key. SDA is a digital signature scheme working with asymmetric cryptograhpy.Īsymmetric cryptography uses a pair of keys. After SDA it is sure that the data from the ICC is real and hasn't changed by anyone.īut SDA doesn't assure the uniqueness of ICC data. SDA ensures the authenticity of ICC data.
0 kommentar(er)
