
Smart Cards Lab COMPGA12 University College London
16.10 Cardholder Verification
EMV supports many cardholder authentication methods, but by
default most cards with PIN support accept the simplest one: unencrypted
PIN verification (the PIN is sent in cleartext to the card).
Warning: typically, if one enters an incorrect PIN 3 times, the card
chip will be blocked forever!
Before we try the PIN verification, let’s check how many trials are left.
Checking PIN Limits
Now we are able to read the field that contains the number of trials left for
PIN checking. We issue the following EMV command in two parts; the first is
needed to determine the size of the file to retrieve:
EMV GET DATA OBJECT ’9F 17’
CLA INS P1 P2 Le
80 CA 9F 17 00
Answer obtained:
SW1 SW2
6C
If the answer was indeed of form ’6C Le’, we will be able to recover the
answer:
EMV GET DATA OBJECT ’9F 17’
CLA INS P1 P2 Lc
80 CA 9F 17
Response obtained:
FID Le Result OK
9F 17 01
Thus there are PIN tries left.
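The two-step GET DATA exchange above, as an added Python example (not part of the original lab sheet). `FakeCard` is a constructed simulator standing in for a real reader, its counter value is constructed, and the `minimum=2` threshold in `safe_to_verify` is an assumed policy.

```python
# Added example: GET DATA for the PIN Try Counter (tag 9F17) with 6C handling.
# `transmit` stands in for a reader call; FakeCard is a constructed simulator.

GET_DATA = [0x80, 0xCA]          # CLA, INS from the lab text
PIN_TRY_COUNTER = (0x9F, 0x17)   # tag requested via P1, P2


class FakeCard:
    """Constructed simulator: answers GET DATA 9F17 as the lab describes."""

    def __init__(self, tries_left):
        self.tries_left = tries_left
        self.log = []

    def transmit(self, apdu):
        self.log.append(list(apdu))
        if apdu[:4] != [0x80, 0xCA, 0x9F, 0x17]:
            return [], 0x6A, 0x88            # referenced data not found
        body = [0x9F, 0x17, 0x01, self.tries_left]
        if apdu[4] != len(body):
            return [], 0x6C, len(body)       # wrong Le: SW2 gives exact length
        return body, 0x90, 0x00


def get_data(transmit, tag):
    """Send GET DATA with Le=00, then repeat with the Le from a 6C answer."""
    apdu = GET_DATA + list(tag) + [0x00]
    data, sw1, sw2 = transmit(apdu)
    if sw1 == 0x6C:
        data, sw1, sw2 = transmit(apdu[:4] + [sw2])
    if (sw1, sw2) != (0x90, 0x00):
        raise IOError("GET DATA failed: SW=%02X%02X" % (sw1, sw2))
    return data


def pin_tries_left(transmit):
    """Parse the TLV '9F 17 01 xx' and return xx, the remaining PIN tries."""
    data = get_data(transmit, PIN_TRY_COUNTER)
    if len(data) != 4 or tuple(data[:2]) != PIN_TRY_COUNTER or data[2] != 1:
        raise ValueError("unexpected response: " + " ".join("%02X" % b for b in data))
    return data[3]


def safe_to_verify(transmit, minimum=2):
    """Assumed policy: refuse a PIN attempt unless `minimum` tries remain."""
    return pin_tries_left(transmit) >= minimum
```

Calling `safe_to_verify` before any VERIFY attempt keeps a mistyped PIN from consuming the last remaining try.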
Checking the PIN
One should only do it if one actually knows the PIN and one is absolutely
certain that it is correct. Otherwise after tries the card will never work
again.
To verify the PIN, we will use a standard ISO command (that also exists
in GSM cards and in many other cards). Here the PIN is the PIN pertaining
to the current application (not to the whole multi-application card), and
for this reason P2=’80’.
© Nicolas T. Courtois 2009-10