Clarification require on offline data authentication

烈酒焚心 提交于 2019-12-23 05:15:22

问题


If card support SDA + DDA , At what condition POS will not perform SDA/DDA operation?? Is ODA performed by POS decided on basis of tag 82 only? or other tags/values check by the terminal to decide - ODA need to perform or not...

For me - DDA check card is genuine or not and no data altered inside it so it must be performed by any terminal.

Also I believe CA pubic key require to decrypt the certificate and here RID + Tag 8F used to get the correct key from key repository. Is it correct?


回答1:


If card support SDA + DDA , At what condition POS will not perform SDA/DDA operation??

POS will not perform SDA/DDA only when POS is not able for perform offline Transaction

Is ODA performed by POS decided on basis of tag 82 only?

Yes, Tag 82 tells, card support offline data authentication or not. Performing ODA is depend on capability of card and terminal. If Tag 82, DDA bit is 1 and terminal support offline data authentication, terminal must perform DDA.

Also I believe CA pubic key require to decrypt the certificate and here RID + Tag 8F used to get the correct key from key repository. Is it correct?

Each terminal/POS have different CA public keys that is require to decrypt the certificate. At the time of transaction , POS read RID and Tag 8F ( index) from the card and fetch the corresponding key from key Repository. same key is used to decrypt the certificate.

Can check more about ODA Here....

hope this information is up to the mark, Any correction/updation are welcome.



来源:https://stackoverflow.com/questions/37938385/clarification-require-on-offline-data-authentication

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!