[英]Unable to read PAN from debit card using EMV contactless (Interac Flash)
Trying to read a debit card number using standard EMV protocol on a card that supports NFC Interac Flash. 尝试在支持NFC Interac Flash的卡上使用标准EMV协议读取借记卡号码。
Here is my transaction sequence: 这是我的交易顺序:
Request1: 00A404000E325041592E5359532E444446303100 (Select 2PAY.SYS.DDF01 to get PSE directory) 请求1:00A404000E325041592E5359532E444446303100(选择2PAY.SYS.DDF01获取PSE目录)
Response1: 6F2C840E325041592E5359532E4444463031A51ABF0C1761154F07A00000027710105007496E74657261638701019000 (AID A0000002771010 found, Interac) 响应1:6F2C840E325041592E5359532E4444463031A51ABF0C1761154F07A00000027710105007496E74657261638701019000(AID A0000002771010 found,Interac)
Request2: 00A4040007A000000277101000 (Select AID A0000002771010) 请求2:00A4040007A000000277101000(选择AID A0000002771010)
Response2: 6F348407A0000002771010A5295007496E74657261638701015F2D02656E9F38159F59039F5A019F02069F1A025F2A029F37049F58016285 (Selected AID, response include PDOL, see image below. 响应2:6F348407A0000002771010A5295007496E74657261638701015F2D02656E9F38159F59039F5A019F02069F1A025F2A029F37049F58016285(选定的AID,响应包括PDOL,请参见下图。
http://i.stack.imgur.com/c9FjM.png http://i.stack.imgur.com/c9FjM.png
Request3: 80A800001583130000990000000000000001240124000001230000 (Get processing option, based on structure above) Request3:80A800001583130000990000000000000001240124000001230000(获取处理选项,基于上面的结构)
Response3: 6985 (Command not allowed; conditions of use not satisfied.) 回应3: 6985 (不允许命令;不满足使用条件。)
I am unable to get pass the 6985 error; 我无法通过6985错误; after 2 days of spec reading and trial-and-error.
经过2天的规格阅读和反复试验。
Any hints / thoughts / successful example in reading card number from a Debit Card (Interac)? 从借记卡(Interac)读取卡号的任何提示/想法/成功案例? Card being tested is a TD Debit Card with Interac Flash contactless function.
正在测试的卡是具有Interac Flash非接触功能的TD借记卡。
Thanks a lot! 非常感谢!
--- Note: I was able to read card number from Visa and MasterCard without GET PROCESSING OPTION. ---注意:我可以在没有GET PROCESSING OPTION的情况下从Visa和MasterCard读取卡号。 But since I kept getting 6985 without GPO, I try to do it, but failed.
但是因为我在没有GPO的情况下持续获得6985,所以我尝试这样做,但失败了。 I don't really need to do GPO, just need to get card number and expiration date.
我真的不需要做GPO,只需要获取卡号和有效期。 ---
---
The "Dual Interface Reader/Terminal Specification for Interac Direct Payment" version 1.4 indicates that the card should respond with SW1 SW2 = 6985 when the internal Application Transaction Counter (ATC) reaches its maximum value : “Interac Direct Payment的双接口读卡器/终端规格”版本1.4表示当内部应用程序事务计数器(ATC)达到其最大值时,卡应响应SW1 SW2 = 6985:
3.2.6 GET PROCESSING OPTIONS command
3.2.6 GET PROCESSING OPTIONS命令
... If ATC reaches its maximum value ('FFFF'), the card response to GET PROCESSING OPTION is SW1SW2 = '69 85'.
...如果ATC达到其最大值('FFFF'),则对GET PROCESSING OPTION的卡响应为SW1SW2 = '69 85'。
However, the card probably rejects the GET PROCESSING OPTIONS (GPO) command because of an invalid response to its requested PDOL. 但是,由于对其请求的PDOL的响应无效,该卡可能会拒绝GET PROCESSING OPTIONS(GPO)命令。 Here's a comparison of the values sent in your GPO command with the ones in a valid Interac Flash transaction :
以下是GPO命令中发送的值与有效Interac Flash事务中的值的比较:
TAG LEN MEANING YOUR SAMPLE VALID SAMPLE
9F59 03 Terminal Transaction Information 000099 C08000
9F5A 01 Terminal transaction Type 00 00
9F02 06 amount, authorised 000000000000 000000001000
9F1A 02 Terminal country code 0124 0124
5F2A 02 Transaction currency code 0124 0124
9F37 04 Unpredictable number 00000123 823DDE7A
9F58 01 Merchant Type Indicator 00 01
You'll notice that : 你会注意到:
Once you'll have corrected these values, the card will most likely accept the GPO command, and you'll be able to read the PAN using the READ RECORD commands. 一旦你纠正了这些值,卡很可能会接受GPO命令,你将能够使用READ RECORD命令读取PAN。
Hope this helps. 希望这可以帮助。
Below is an example of an accepted InteracFlash purchase, up to the accepted GPO command. 以下是可接受的InteracFlash购买示例,直至接受的GPO命令。 PCD identifies the commands sent by the contactless reader/terminal, PICC identifies the responses from the InteracFlash card :
PCD识别非接触式读卡器/终端发送的命令,PICC识别来自InteracFlash卡的响应:
PCD Select File
PCD CLA: 00
PCD INS: A4
PCD P1: 04
PCD P2: 00
PCD Lc: 0E
PCD Data: 32 50 41 59 2E 53 59 53 2E 44 44 46 30 31
PCD Le: 00
PICC Successful
PICC Data (46 bytes)
PICC Tag 6F:FCI Template
PICC Length:2C
PICC Value :84 0E 32 50 41 59 2E 53 59 53 2E 44 44 46 30 31
A5 1A BF 0C 17 61 15 4F 07 A0 00 00 02 77 10 10
87 01 01 50 07 49 4E 54 45 52 41 43
PICC Tag 84:Dedicated File (DF) Name
PICC Length:0E
PICC Value :32 50 41 59 2E 53 59 53 2E 44 44 46 30 31
PICC Tag A5:FCI Proprietary Template
PICC Length:1A
PICC Value :BF 0C 17 61 15 4F 07 A0 00 00 02 77 10 10 87 01
01 50 07 49 4E 54 45 52 41 43
PICC Tag BF0C:FCI Discretionary Data
PICC Length:17
PICC Value :61 15 4F 07 A0 00 00 02 77 10 10 87 01 01 50 07
49 4E 54 45 52 41 43
PICC Tag 61:Application Template
PICC Length:15
PICC Value :4F 07 A0 00 00 02 77 10 10 87 01 01 50 07 49 4E
54 45 52 41 43
PICC Tag 4F:Application Identifier
PICC Length:07
PICC Value :A0 00 00 02 77 10 10
PICC Tag 87:Application Priority Indicator
PICC Length:01
PICC Value :01
PICC Tag 50:Application Label
PICC Length:07
PICC Value :49 4E 54 45 52 41 43
PICC ASCII Value:INTERAC
PICC SW1 SW2: 90 00
PCD Select File
PCD CLA: 00
PCD INS: A4
PCD P1: 04
PCD P2: 00
PCD Lc: 07
PCD Data: A0 00 00 02 77 10 10
PCD Le: 00
PICC Successful
PICC Data (62 bytes)
PICC Tag 6F:FCI Template
PICC Length:3C
PICC Value :84 07 A0 00 00 02 77 10 10 A5 31 50 07 49 4E 54
45 52 41 43 87 01 01 9F 38 15 9F 59 03 9F 5A 01
9F 02 06 9F 1A 02 5F 2A 02 9F 37 04 9F 58 01 5F
2D 02 65 6E BF 0C 05 9F 4D 02 0B 14
PICC Tag 84:Dedicated File (DF) Name
PICC Length:07
PICC Value :A0 00 00 02 77 10 10
PICC Tag A5:FCI Proprietary Template
PICC Length:31
PICC Value :50 07 49 4E 54 45 52 41 43 87 01 01 9F 38 15 9F
59 03 9F 5A 01 9F 02 06 9F 1A 02 5F 2A 02 9F 37
04 9F 58 01 5F 2D 02 65 6E BF 0C 05 9F 4D 02 0B
14
PICC Tag 50:Application Label
PICC Length:07
PICC Value :49 4E 54 45 52 41 43
PICC ASCII Value:INTERAC
PICC Tag 87:Application Priority Indicator
PICC Length:01
PICC Value :01
PICC Tag 9F38:Processing Options Data Object List (PDOL)
PICC Length:15
PICC Value :9F 59 03 9F 5A 01 9F 02 06 9F 1A 02 5F 2A 02 9F
37 04 9F 58 01
PICC Tag 9F59:Terminal Transaction Information
PICC Length:03
PICC Tag 9F5A:Terminal transaction Type
PICC Length:01
PICC Tag 9F02:Amount, Authorized (Numeric)
PICC Length:06
PICC Tag 9F1A:Terminal Country Code
PICC Length:02
PICC Tag 5F2A:Transaction Currency Code
PICC Length:02
PICC Tag 9F37:Unpredictable Number
PICC Length:04
PICC Tag 9F58:Merchant Type Indicator
PICC Length:01
PICC Tag 5F2D:Language Preference
PICC Length:02
PICC Value :65 6E
PICC ASCII Value:en
PICC Tag BF0C:FCI Discretionary Data
PICC Length:05
PICC Value :9F 4D 02 0B 14
PICC Tag 9F4D:Log Entry
PICC Length:02
PICC Value :0B 14
PICC SW1 SW2: 90 00
PCD Get Processing Options
PCD CLA: 80
PCD INS: A8
PCD P1: 00
PCD P2: 00
PCD Lc: 15
PCD Data: 83 13 C0 80 00 00 00 00 00 00 10 00 01 24 01 24
82 3D DE 7A 01
PCD Le: 00
PICC Successful
PICC Data (23 bytes)
PICC Tag 77:Response Message Template Format 2
PICC Length:15
PICC Value :82 02 18 00 94 08 08 01 01 00 10 01 02 00 9F 63
04 00 10 00 00
PICC Tag 82:Application Interchange Profile
PICC Length:02
PICC Value :18 00
PICC Tag 94:Application File Locator (AFL)
PICC Length:08
PICC Value :08 01 01 00 10 01 02 00
PICC Tag 9F63:Card Transaction Information
PICC Length:04
PICC Value :00 10 00 00
PICC SW1 SW2: 90 00
...
Here is the whole working flow, with GPO and READ RECORD instructions. 这是整个工作流程,包含GPO和READ RECORD指令。
Request1: 00A404000E325041592E5359532E444446303100 Response1: 6F2C840E325041592E5359532E4444463031A51ABF0C1761154F07A00000027710105007496E74657261638701019000 Request2: 00A4040007A000000277101000 (SELECT) Response2: 6F348407A0000002771010A5295007496E74657261638701015F2D02656E9F38159F59039F5A019F02069F1A025F2A029F37049F58019000 Request3: 80A80000158313C080000000000000100001240124823DDE7A0100 (GPO) Response3: 7711820218009404100102009F6304001000009000 Request4: 00B2011400 (READ RECORD) Response4: 70615A08XXXXXXXXXXXXXXXXX5F3401015F24031711308E0C0000000000000000010302038C159F02069F03069F1A0295055F2A029A039C019F37048D09910A8A0295059F37049F0D05FCF8FCF8F09F0E0500100000009F0F05FCF8FCF8F09F070229009000
Thanks to Nicolas Riousset. 感谢Nicolas Riousset。 My problems included incorrect PDOL response, a dead EMV card and finally in the READ RECORD, I need to read record 2 to pick up the track data.
我的问题包括错误的PDOL响应,死EMV卡,最后在READ RECORD中,我需要读取记录2来获取轨道数据。 (not record 1)
(不是记录1)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.