Usage four: PBOC debit/credit IC card terminal special parameter information (PBOC IC configuration table message)
1. Variable Properties
ANS ... LLLVAR: 3-byte length value + maximum 512 bytes of data.
When compressed, the length is a 2-byte value in right-justified BCD, followed by 512 bytes of data in ASCII.
2. Field Description
Part I: Authentication Center public key parameters
When a PBOC debit/credit IC card terminal downloads its special parameters, it stores the parameter information described here. In addition to the basic application parameters, there is one special class of parameters: the Authentication Center public key parameters. The following first describes the parameter information and the download process for the Authentication Center public key parameters.
The Authentication Center public key parameters include the following parameter information: RID, Authentication Center public key index, Authentication Center public key validity period, Authentication Center public key hash algorithm identification, Authentication Center public key algorithm identification, Authentication Center public key modulus, Authentication Center public key exponent, Authentication Center public key check value.
Each credit card organization may have several public keys, so the Authentication Center public key parameters may appear repeatedly.
The Authentication Center public key parameters are represented in TLV (tag + length + value) format. The concrete values and their meanings are:
Table 1 Authentication Center public key parameters
Parameter name | Parameter properties | Parameter length (bytes) | Parameter tag value | Parameter meaning | Parameter download time | Parameter adaptation occasions
RID | B | 5 | 9F06 | Together with the Authentication Center public key index, identifies the Authentication Center public key | When installing or adjusting | Trading applications
Authentication Center public key index | B | 1 | 9F22 | Together with the RID, identifies the Authentication Center public key | When installing or adjusting | Trading applications
Authentication Center public key validity period | N8 | 4 | DF05 | Validity period stipulated by the Authentication Center | When installing or adjusting | Trading applications
Authentication Center public key hash algorithm identification | B | 1 | DF06 | Identifies the hash algorithm used to produce the hash result in the digital signature scheme | When installing or adjusting | Trading applications
Authentication Center public key algorithm identification | B | 1 | DF07 | Identifies the digital signature algorithm used with the Authentication Center public key | When installing or adjusting | Trading applications
Authentication Center public key modulus | B | Variable length, max 248 | DF02 | Public key modulus value | When installing or adjusting | Trading applications
Authentication Center public key exponent | B | 1 or 3 | DF04 | Public key exponent | When installing or adjusting | Trading applications
Authentication Center public key check value | B | Variable length | DF03 | Used to verify the Authentication Center public key | When installing or adjusting | Trading applications
Note: The Authentication Center public key check value is calculated over RID + Authentication Center public key index + Authentication Center public key modulus + Authentication Center public key exponent. The calculation method is SHA-1.
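The check described in the note above can be run by a terminal before it stores a downloaded key. The following is an added example, not code from the specification: it assumes the TLV elements use EMV-style BER-TLV tag and length encoding (the text only says tag + length + value), hashes 9F06 + 9F22 + DF02 + DF04 in the order the note gives, and uses a constructed sample record with a placeholder RID and a dummy modulus.

```python
import hashlib
import hmac

def parse_tlv(data: bytes) -> dict:
    """Parse a flat BER-TLV string into {tag_hex: value} (assumed encoding)."""
    out, i = {}, 0
    try:
        while i < len(data):
            start = i
            if data[i] & 0x1F == 0x1F:       # multi-byte tag such as 9F06, DF02
                i += 1
                while data[i] & 0x80:        # more tag bytes follow
                    i += 1
            i += 1
            tag = data[start:i].hex().upper()
            length = data[i]
            i += 1
            if length & 0x80:                # long form: 0x81 nn or 0x82 nn nn
                n = length & 0x7F
                if n == 0 or i + n > len(data):
                    raise ValueError(f"tag {tag}: bad length field")
                length = int.from_bytes(data[i:i + n], "big")
                i += n
            if i + length > len(data):
                raise ValueError(f"tag {tag}: value runs past end of record")
            out[tag] = data[i:i + length]
            i += length
    except IndexError:
        raise ValueError("truncated TLV record") from None
    return out

def check_ca_key(record: bytes) -> bool:
    """Recompute SHA-1 over 9F06 + 9F22 + DF02 + DF04 and compare with DF03."""
    f = parse_tlv(record)
    missing = [t for t in ("9F06", "9F22", "DF02", "DF04", "DF03") if t not in f]
    if missing:
        raise ValueError(f"missing tags: {missing}")
    digest = hashlib.sha1(f["9F06"] + f["9F22"] + f["DF02"] + f["DF04"]).digest()
    return hmac.compare_digest(digest, f["DF03"])

def tlv(tag: str, value: bytes) -> bytes:   # encoder, only for building the sample
    ln = bytes([len(value)]) if len(value) < 0x80 else bytes([0x81, len(value)])
    return bytes.fromhex(tag) + ln + value

# Constructed sample record: placeholder RID, 144-byte dummy modulus, DF04 = 03.
RID, IDX, MOD, EXP = bytes.fromhex("A000009999"), b"\x01", bytes(range(1, 145)), b"\x03"
SAMPLE = (tlv("9F06", RID) + tlv("9F22", IDX) + tlv("DF02", MOD) + tlv("DF04", EXP)
          + tlv("DF03", hashlib.sha1(RID + IDX + MOD + EXP).digest()))
TAMPERED = SAMPLE.replace(MOD, bytes([0xFF]) + MOD[1:])   # one modulus byte changed
```

A record whose modulus was altered or corrupted in transit fails the comparison, so the terminal can discard it and request the key again instead of installing it.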
The following describes the Authentication Center public key download process.
Authentication Center public key download can take place in two ways: one is the unified update process driven by the receiving processing platform, the other is the POS active update process. Regardless of the process, the following principles must be observed: transfer only one public key at a time, and retransmit the public key if an interruption occurs during transmission.
a) The unified update process of the receiving processing platform:
First step: From the receiving processing platform console, set the public key information update flag for all terminals that need to update their public key information.
Second step: For each terminal, regardless of the kind of transaction, whenever the receiving processing platform determines that the terminal needs to update its Authentication Center public key information, it fills in "4" in the "Processing Requirements" field of the header of the reply message it returns to the POS terminal, notifying the POS terminal to obtain the public key information.
Third step: When the POS terminal receives a message whose header "Processing Requirements" field is "4", it immediately and automatically sends the Authentication Center public key information query message. For the message format, see section 9.4.11 (POS status send). For the specific values of the network management code in field 60.3 and of field 62 usage four, part one, see 9.4.11.
Fourth step: The receiving processing platform receives the Authentication Center public key information query message from the POS terminal and returns its current public key information list to the POS terminal in the reply message. For the specific values of the network management code in field 60.3 and of field 62 usage four, part one, see 9.4.11.
Fifth step: The POS terminal receives the public key information list from the receiving processing platform and first deletes public keys, changes validity periods, and so on. If it needs to download a new public key, it sends the Authentication Center public key download request message (9.4.9), filling in the RID identification. On receiving the request message, the receiving processing platform passes the corresponding public key content to the terminal in the response message, only one group at a time. For the specific values of the network management code in field 60.3 and of field 62 usage four, part one, see section 9.4.9.
Sixth step: When the POS has finished downloading, it sends the download end message. See section 9.4.11 for the specific message format and for the network management code in field 60.3. The message does not contain field 62.
b) POS active update process:
The POS can also initiate a public key download transaction itself, following the third, fourth, fifth and sixth steps described in a). The only difference is that in the third step the POS terminal sends the Authentication Center public key information query message on its own initiative, rather than waiting for the POS center to notify it to send.
Part II: Other parameters
The download process for other parameters is described below.
Besides the public key information, the IC card terminal also needs other parameter information. This parameter information is shown in the following table:
Table 1 IC card other parameters
Parameter name | Parameter properties | Parameter length (bytes) | Parameter tag value | Parameter meaning | Parameter download time | Parameter adaptation occasions
AID | B | 5-16 | 9F06 | Identifies the application, as described in ISO/IEC 7816-5; the list of debit/credit applications supported by the terminal | When installing or adjusting | Trading applications
Application selection indicator (ASI) | B | 1 | DF01 | Indicates whether, during application selection, the AID on the terminal must match exactly (both length and content must be the same) or may match partially (the leading part of the card AID is the same as the terminal AID, and the card AID may be longer). Each AID in the list of applications supported by the terminal has exactly one application selection indicator. | When installing or adjusting | Trading applications
Application version number | B | 2 | 9F09 | The version number that the payment system assigns to the application | When installing or adjusting | Trading applications
TAC-Default | B | 5 | DF11 | Specifies the acquirer's conditions under which a transaction is rejected if it could be completed online but the terminal does not have online transaction capability | When installing or adjusting | Trading applications
TAC-Online | B | 5 | DF12 | Specifies the acquirer's conditions for online transactions | When installing or adjusting | Trading applications
TAC-Denial | B | 5 | DF13 | Specifies the acquirer's conditions under which a transaction is rejected without an online attempt | When installing or adjusting | Trading applications
Terminal floor limit | B | 4 | 9F1B | Minimum offline limit allowed by the terminal for IC card purchase transactions | When installing or adjusting | Trading applications
Threshold value for biased random selection | B | 4 | DF15 | Value used for random transaction selection in terminal risk management | When installing or adjusting | Trading applications
Maximum target percentage for biased random selection | cn (contains two significant digits) | 1 | DF16 | Maximum target percentage for biased random selection | When installing or adjusting | Trading applications
Target percentage for random selection | cn (contains two significant digits) | 1 | DF17 | Target percentage for random selection | When installing or adjusting | Trading applications
Default DDOL | B | Variable length | DF14 | DDOL used to construct the internal authentication command when the card contains no DDOL | When installing or adjusting | Trading applications
Terminal online PIN support capability | B | 1 | DF18 | Indicates, for each AID, whether the terminal supports entry of an online PIN. A value of 00000001 indicates that online PIN is supported. A value of 00000000 indicates that online PIN is not supported. | When installing or adjusting | Trading applications
Terminal electronic cash transaction limit | cn | 6 | 9F7B | The terminal uses this data element (if present) to decide how a transaction is handled: an electronic cash transaction is allowed when the authorized amount is less than the limit; otherwise the terminal sets the terminal behavior code and determines the transaction method (small payment parameters) according to that judgment. | When installing or adjusting | Trading applications
Contactless reader offline floor limit | cn | 6 | DF19 | Under the AID, indicates the minimum limit for contactless transactions in the reader | When installing or adjusting | Trading applications
Contactless reader transaction limit | cn | 6 | DF20 | If the amount of a contactless transaction is greater than or equal to this value, the transaction terminates. The transaction may be attempted on another interface. | When installing or adjusting | Trading applications
Reader cardholder verification method (CVM) required limit | cn | 6 | DF21 | If a contactless transaction exceeds this value, the reader requires a cardholder verification method (CVM). | When installing or adjusting | Trading applications
The following describes the parameter download process. Parameter download can take place in two ways: one is the unified update process driven by the receiving processing platform, the other is the POS active update process.
a) The unified update process of the receiving processing platform:
First step: From the receiving processing platform console, set the parameter information update flag for all terminals that need to update their parameters.
Second step: For each terminal, regardless of the kind of transaction, whenever the receiving processing platform determines that the terminal needs to update its parameter information, it fills in "5" in the "Processing Requirements" field of the header of the response message it returns to the POS terminal.
Third step: When the POS terminal receives a message whose header "Processing Requirements" field is "5", it immediately and automatically sends the POS parameter query message. For the message format, see section 9.4.11 (POS status send). The specific values of the network management code and of field 62 are described in the message format. After receiving the request message from the terminal, the receiving processing platform returns, in the reply message, the list of AIDs that the terminal needs to support.
Fourth step: After the terminal receives the application list, it first compares it with the application list that it stores. If an AID is present on the terminal but absent from the list returned by the receiving processing platform, the terminal must delete it locally. If an AID is present both on the terminal and in the returned list, or is absent from the terminal but present in the returned list, the terminal must download the information for that AID again. This is done with the POS parameter delivery message. The POS terminal fills in the AID identification (the AID value itself) in field 62 of the request message, and the receiving processing platform returns all the parameter information for that AID to the terminal in the reply message. If the receiving processing platform returns multiple sets of AID parameters, the terminal must send the POS parameter delivery message repeatedly until all the AID parameters have been downloaded. Note that all the AID parameters may not fit in a single message and may therefore require a split transfer; for this reason all parameters are organized in groups, and one group of parameters must not be split across two messages. For the message format, see section 9.4.9 (POS parameter delivery). For the specific values of the network management code in field 60.3 and of field 62 usage four, part two, see 9.4.9.
Fifth step: When the POS has finished downloading, it sends the download end message. See section 9.4.12 for the specific message format and for the network management code in field 60.3. The message does not contain field 62.
b) POS active update process:
The POS can also initiate a parameter download transaction itself, following the third, fourth, fifth, and sixth steps described in a). The only difference is that in the third step the POS terminal sends the parameter information query message on its own initiative, rather than waiting for the POS center to notify it to send.
Note that a terminal that holds no AID parameter information, such as a new terminal or a repaired terminal, must be forced to initiate the active AID parameter update process before it executes any transaction.