Financial Series 14 qpboc transaction process

China Bank financial IC card qpboc transaction time (excluding terminal processing time) requirements: the length of the private key of the IC card is 1024 bits, the transaction time is <= 500 ms, 1152 <= 600

 

ATR=3B8D800100814D220886601222275000014ACARD=6231200100000000217F Send:00A404000E325041592E5359532E4444463031--->:6F30840E325041592E5359532E4444463031A51EBF0C1B61194F08A000000333010101500A50424F432044454249548701019000 Send:00A4040008A000000333010101--->:6F4C8408A000000333010101A540500A50424F432044454249548701019F38189F66049F02069F03069F1A0295055F2A029A039C019F37045F2D027A689F1101019F120A50424F432044454249549000 

 

============================ Pboc gpo transactionauthentication ====== ==================================

 

In the initial application processing phase, the terminal sends a GPO command to the card, which includes all the data required by pdol when the card is selected.

-- All terminals should provide data items labeled "9f66" in the GPO command according to the card's requirements in pdol (terminal transaction attribute );

-- All terminals should support the use of Jr/t0025.5 GPO response;

-- If pdol does not exist in the card response or the data item (terminal transaction attribute) labeled "9f66" does not exist in pdol, the terminal should close the non-contact interface, and try another interface for transaction.

 

Authorization amount (9f02): 000000000100 GPO: 80a8000023832000000000000000000000000000000000000000000156000000080001561303220111223344result: pushed

The terminal determines whether to perform transactions by MSD or qpboc based on the data elements provided by the application Interaction Features and card response GPO command.

-- If the status word of the card response GPO command is "9000", assuming that the terminal only supports one non-contact option (qpboc or MSD), the terminal should continue to process according to this option, AIP does not need to be determined;

-- If the status word of the card response GPO command is "9000" and the AIP 2nd byte 8th location is '1', assuming that the terminal supports MSD and other options, the terminal should process transactions according to MSD;

-- If the status word of the card response GPO command is "9000" and the AIP 2nd byte 8th location is '0', assume that the terminal supports qpboc and applies the ciphertext (Label "9f26 ") in the GPO command response, the terminal should process the transaction according to qpboc. If a data item labeled "9f26" does not appear, the terminal should handle the transaction according to debit/credit.

 

 

 

Obtain the public key of the issuing bank:

 

CA Public Key Index (8f): 09 issuer's Public Key Certificate (90): Certificate Data recovered from the issuer's Public Key Certificate: Certificate [√] issuer Public Key Certificate Format, authentication successful... [√] The summary information of the public key certificate of the issuing bank is consistent... signature static application data verification: issuer's public key index (9f32): 03 issuer's public key module: Signature's static application data (93): Signature resumes signature data: token data verification code (9f45): 6231 [√] consistent Hash Value Comparison of static signature data ...... [√] The static data authentication is successful ......

 

 

 

Standard Dynamic Data Authentication (DDA ):

 

Recover and verify the IC card public key:

 

IC card Public Key Index (9f47): 03ic card Public Key Certificate (9f46): Certificate for restoring the IC card Public Key Certificate: Certificate [√] IC card Public Key Certificate in the same format ...... [√] The recovered primary account is the same as the primary account of the Application read from the IC card... IC card public key module n length: B0, IC card Public Key Index e length: 01ic card Public Key remainder (9f48): Listen [√] Public Key Certificate abstract information comparison consistent ...... dynamic Signature generation: Dynamic Application Data of the signature (9f4b): used to restore the dynamic application data of the IC card Signature: used [√] The Dynamic Data Format of the recovered IC card signature is correct ...... [√] consistent Summary of dynamic signature data ...... [√] dynamic data authentication successful ...... [√] dynamic dataauthentication: Success identity ......

Text/Xin Xinyuan Chong   Reprinted please indicate the source http://blog.csdn.net/yxstars/article/details/38496801