Create field 55 from NFC terminal to make a payment - e-commerce

I am trying to create field 55 and send it to the bank host to make a payment. I have read all the data (by Apple Pay VISA, token) and create field 55 like this:
9F26 Application Cryptogram: 5CBD1E2494A6DE86 - Get from card
9F27 Cryptogram Information Data: 80 - Get from card
9F10 Issuer Application Data: 1F4A0132A0000000001003027300000000400000000000000000000000000000 - Get from card
9F37 Unpredictable Number: 00002352 - generate it and use in GPO request
9F36 Application Transaction Counter (ATC): 029B - Get from card
95 Terminal Verification Results: 0000000000 - Static data
9A Transaction Date: 210805 - Set it myself
9C Transaction Type: 00 - Static data
9F02 Amount, Authorised (Numeric): 000000000100 - Set it myself
5F2A Transaction Currency Code: 0980 - Static data
5F34 Application Primary Account Number (PAN) Sequence Number: 00 - Get from card
82 Application Interchange Profile: 0040 - Get from card
9F1A Terminal Country Code: 0804 - Static data
9F03 Amount, Other (Numeric): 000000000000 - Static data
9F33 Terminal Capabilities: E0F8C8 - Static data
4F Application Identifier (AID) – card: A0000000031010 - Get from card
9F35 Terminal Type: 22 - Static data
84 Dedicated File (DF) Name: A0000000031010 - Get from card
9F6E Unknown tag: 23880000 - Get from card
When I send it and track2 to the bank I get a response error with code 100 - Decline
and get a push message on the phone that the transaction was declined.
As I understand it, this is the answer from the card-issuing bank. Can anyone help with what the trouble could be? Maybe field 55 is incorrect, or there could be some problems on the host side of the acquirer bank (then tell me what it could be?...).
Please, help! Thanks!

Related

How to determine the CVM method applied on a contactless transaction

I am developing an Android payment application which is EMV compatible. In this application contactless card acceptance has been integrated; however, for certification purposes it is required to determine the CVM applied on the transaction. For a contactless transaction, how do we determine the CVM method applied for the transaction? For example, if the transaction amount is above the CVM limit and the user entered an online PIN, at the end I want to determine that the user has entered an online PIN.
There is no update from the terminal to the mobile app on the CVM used during the tap. If using a mobile wallet (with wallet providers Visa and MasterCard) you will get a notification from MDES/VTS after transaction completion, in which you can see (give it a try) whether the CVM used is present along with the transaction Approved/Declined status. If that too is not available, the only way left is to get it from the issuer system.
If you have a "lame" EMV kernel which doesn't provide CVM output for CTLS then your only option is to parse it from the transaction output. Unfortunately every card issuer uses their own specific way of "handling" CVM output.
Step 1
Determine card issuer and card type. Use AID (tag 4F) to do it.
Step 2
Visa and UnionPay EMV - you need to parse tag 9F6C - Card Transaction Qualifiers, where
Byte 1 bit 8 set to 1 means Online PIN. Byte 1 bit 7 set to 1 means Signature.
JCB EMV - (JCB has 2 other modes but they are not in use in my region. Possibly they are already deprecated for the whole world.) You need to parse tag 9F50 - Cardholder Verification Status, where 00 means No CVM, 10 means Signature, 20 means Online PIN.
MasterCard EMV - (MasterCard also has an MSR mode but it's not in use in my region) you need to parse tag 9F34 - CVM Results. This is the same tag as for contact transactions, so just check and follow the contact EMV book rules.
MasterCard Mobile - I'm not 100% sure but it has to be the same as for MasterCard EMV.
Amex EMV - parse tag 95 - Terminal Verification Result. When Byte 3 bit 3 is set to 1 then the CVM is Online PIN, else No CVM.
Amex Mobile - parse tag 9F71 - Mobile CVM Results. Check the corresponding EMV Contactless book for specs.
For other issuers you have to check corresponding EMV Contactless books.
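The per-scheme rules from the answer above, written out as an added example (not code from the original posts). The RID-to-scheme lookup, the function name and the return labels are assumptions made for illustration; the bit positions and status values are the ones the answer gives, and the three 9F34 method codes are the standard contact EMV CVM codes.

```python
# RID (first five AID bytes) -> scheme. Lookup constructed for this example.
SCHEMES = {"A000000003": "visa", "A000000333": "unionpay", "A000000065": "jcb",
           "A000000004": "mastercard", "A000000025": "amex"}

# CVM Results (9F34) byte 1, low six bits: method codes from the contact EMV rules
CVM_CODES = {0x02: "online_pin", 0x1E: "signature", 0x1F: "no_cvm"}
JCB_STATUS = {0x00: "no_cvm", 0x10: "signature", 0x20: "online_pin"}


def cvm_applied(tags: dict):
    """Map a transaction's tags (tag hex -> value hex) to the CVM used.

    Follows the per-scheme rules in the answer; returns None when the
    scheme is not covered or the required tag is missing.
    """
    scheme = SCHEMES.get(tags.get("4F", "")[:10].upper())

    def value(tag):
        raw = tags.get(tag)
        return bytes.fromhex(raw) if raw else None

    if scheme in ("visa", "unionpay"):
        ctq = value("9F6C")                      # Card Transaction Qualifiers
        if ctq is None:
            return None
        if ctq[0] & 0x80:                        # byte 1 bit 8
            return "online_pin"
        if ctq[0] & 0x40:                        # byte 1 bit 7
            return "signature"
        return "not_indicated"                   # the answer gives no rule here
    if scheme == "jcb":
        status = value("9F50")
        return JCB_STATUS.get(status[0], "other") if status else None
    if scheme == "mastercard":
        results = value("9F34")
        # Bit 7 of byte 1 is a "try next CVM on failure" flag, so mask to 6 bits
        return CVM_CODES.get(results[0] & 0x3F, "other") if results else None
    if scheme == "amex":
        tvr = value("95")
        if tvr is None or len(tvr) < 3:
            return None
        return "online_pin" if tvr[2] & 0x04 else "no_cvm"   # byte 3 bit 3
    return None
```

Amex Mobile (tag 9F71) is left out because the answer gives no decoding rule for it.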

How can I sign a transaction on an EMV contactless card?

I read here that EMV cards will sign some transaction data.
I would like to do this with my card, using my phone, and verify that the signature on the result is correct.
To start, I issued this command ("request APDU"):
00:A4:04:00:0E:32:50:41:59:2E:53:59:53:2E:44:44:46:30:31:00
One of the "Application IDs" was this:
A00000038410
So then I issued this command ("Select Payment application"):
00:A4:04:00:07:A0:00:00:00:03:10:10:00
and it returned this "Processing Options Data Object List (PDOL)":
9F66049F02069F37045F2A02
I read here how to decode this, because I couldn't find the official spec anywhere:
9F6604 - the tag 9f 66 represents the terminal transaction qualifiers
9F0206 - tag 9f 02 stands for authorized amount. The PDOL list must have the amount, authorized, coded into 6h bytes added to it.
9F3704 - tag 9f 37 stands for unpredictable number, thus encode such a number in 4 bytes and add it to the list
and here how to decode this:
5F2A02 - TX currency code
I understand the next step is to run "Get Processing Options" but this is where I got stuck. I tried:
80:A8:00:00:02:83:00:00
80:A8:00:00:12:83:10:01:02:03:04:05:06:07:08:01:02:03:04:05:06:07:08:00
80:A8:00:00:12:83:10:F3:20:40:00:00:00:00:01:00:00:04:04:06:03:05:08:00
80:A8:00:00:02:83:10:F3:20:40:00:00:00:00:01:00:00:04:04:06:03:05:08:00
All gave back a result of 6D:00 (Instruction code not programmed or invalid).
I tried looking in "emv book 3" and "emv book 4" but neither seem to contain the relevant information.
What do I need to do next in order to make a transaction, sign, and check the result?
Your GPO command needs to provide the PDOL values requested by the card. The requested tags are:
9F66 - 4 bytes
9F02 - 6 bytes
9F37 - 4 bytes
5F2A - 2 bytes
So the command needs to provide these in the same order, with the expected lengths.
Assuming you want to send the following sample values:
9F66: 11223344
9F02: 112233445566
9F37: 11223344
5F2A: 1122
Your GPO command will look like this:
80A800001283101122334411223344556611223344112200
Where the PDOL data is 11223344112233445566112233441122.
Hope this helps
If a PDOL is found in the response to Select Application, you need to pass the values of the PDOL tags in the GPO command.
You can find a very good article here. Hope it helps.

Difference Between POS Entry Modes (Field 22)

I was wondering if anyone could help me understand difference between ISO 8583 Field 22 i.e. POS Entry Mode. I already know that:
52 means ICC Card
80 in case of fallback
But what I want to know is difference between
22 (Magnetic Stripe)
and 90
Can anyone help me on this?
The length of Field 22 is usually 3 digits (or 4 digits in case it is BCD packed into two bytes) in protocols based on ISO 8583:1987, or 12 digits in protocols based on the ISO 8583:1993 version. Customized protocols could use different sub-field content and value meanings.
Since you use short values in your question, I guess your Field 22 is based on the ISO 8583:1987 version and you lost the leading and/or trailing zero. So your sample values become 3 digits long - 052, 800, 022, and 090 or 900.
Usually the 3-digit Field 22 is split into two sub-fields:
Position 1 and 2 - Personal Account Number (PAN) Entry (or capability);
Position 3 - Personal Identification Number (PIN) Entry (or capability);
Here are the possible interpretations:
02 - PAN auto-entry via magnetic stripe, track data is not required, 2 - no PIN.
05 - PAN auto-entry via chip, 2 - no PIN.
09 - E-Commerce, 0 - unknown PIN capability.
80 - Fallback to magnetic stripe, 0 - unknown PIN capability.
90 - PAN auto-entry via magnetic stripe, track data should be transmitted within the authorization request, 0 - unknown PIN capability.
etc.
90 is used in case track data is present in the ISO 8583 request message; 02 if, for some reason, the acquirer or terminal device is not qualified to transfer track data in the request messages.
Depending on protocol requirements there could be exceptions with Field 22 values. This is usually checked during the terminal device and communication interface certifications.
I will elaborate on a few things here. From the above comments I can see that 09 is for e-commerce transactions, but as per my knowledge for e-commerce transactions we should use PAN entry mode 01 (manual entry), because for card-not-present transactions the entry mode is always manual.
POS Entry mode says whether the particular transaction is e-commerce or POS. The possible values are:
01 Manual entry
02 Magnetic stripe, track 2 data will be ignored
05 Smart card, track 2 data required
90 Magnetic stripe, no track 2 data
91 Contactless card
95 Smart card, track 2 data not required
Thanks, share your ideas on this.

Interpret return value (dissenter) when trying to unmount volume in OS X

I'm trying to unmount a volume in my Cocoa application using the Disk Arbitration Framework.
Before calling:
DADiskUnmount(disk,
              kDADiskUnmountOptionDefault,
              unmountCallback,
              self);
I register a callback function that gets called afterwards:
void unmountCallback(DADiskRef disk, DADissenterRef dissenter, void *context)
{
    /* A non-NULL dissenter means the unmount was refused */
    if (dissenter != NULL)
    {
        DAReturn ret = DADissenterGetStatus(dissenter);
        switch (ret) {
            case kDAReturnBusy:
                printf("kDAReturnBusy\n");
                break;
        }
    }
}
In this function I try to interpret the dissenter return value but get stuck. I suppose it should be of type DAReturn and have a value like kDAReturnBusy. But when e.g. iTunes is using the volume and it cannot be unmounted, "ret" has a value of 0xc010 that I don't quite understand.
In case unmounting fails I'd like to find out why the volume can't be unmounted and in case another application is using it remind the user of closing this application.
But when e.g. iTunes is using the volume and it can not be unmounted "ret" has a value of 0xc010 that I don't quite understand.
The documentation you linked to, for the DAReturn type, lists all the Disk Arbitration constants as looking like this:
kDAReturnError = err_local | err_local_diskarbitration | 0x01, /* ( 0xF8DA0001 ) */
So, DA's error returns are all made of three components, OR'd together.
If you look at the documentation for DADissenterGetStatus, it says:
A BSD return code, if applicable, is encoded with unix_err().
If you then search the headers for unix_err, you find it in /usr/include/mach/error.h, which says:
/* unix errors get lumped into one subsystem */
#define unix_err(errno) (err_kern|err_sub(3)|errno)
and:
/*
* error number layout as follows:
*
* hi lo
* | system(6) | subsystem(12) | code(14) |
*/
There's those three components again. Some other macros in error.h arrange the system and subsystem values (e.g., err_kern and err_sub(3)) into those positions.
So now, let's open the Calculator, press ⌘3 to put it into programmer mode, switch it to base-16, and type in your error code, and see what it says:
0xC010
0000 0000 0000 0000 1100 0000 0001 0000
31                  15                0
Breaking that apart according to the above layout, we find:
0000 00
31
System: 0, which error.h says is err_kern. This error came from the kernel.
       00 0000 0000 11
31                  15
Subsystem: 3 (0b11). This plus the system code matches the aforementioned definition of unix_err. So this is a BSD return code, as DADissenterGetStatus said.
                      00 0000 0001 0000
31                  15                0
Individual error code: 16 (0x10, 0b10000).
UNIX/BSD errors are defined in <sys/errno.h>, which says:
#define EBUSY 16 /* Device / Resource busy */
This suggests to me that you can't unmount that device because it's in use.
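The same bit-field split as the manual walkthrough above, as an added example (not code from the original posts). Function names are hypothetical; the field widths come from the error.h layout comment quoted above, and errno names are taken from the platform running the script, so run it on macOS for macOS numbering.

```python
import errno

ERR_KERN = 0x00          # system value 0, which the answer identifies as err_kern
UNIX_SUBSYSTEM = 3       # err_sub(3), used by unix_err()


def decode_mach_error(status: int) -> dict:
    """Split a 32-bit status into system(6) | subsystem(12) | code(14)."""
    status &= 0xFFFFFFFF                      # DAReturn may arrive as a signed int
    return {
        "system": status >> 26,
        "subsystem": (status >> 14) & 0xFFF,
        "code": status & 0x3FFF,
    }


def describe_dissenter_status(status: int) -> str:
    """Say whether a dissenter status is a wrapped BSD errno or something else."""
    f = decode_mach_error(status)
    if f["system"] == ERR_KERN and f["subsystem"] == UNIX_SUBSYSTEM:
        name = errno.errorcode.get(f["code"], "unknown errno")
        return f"BSD errno {f['code']} ({name})"
    return "non-BSD status: system=0x{system:02X} subsystem=0x{subsystem:03X} code={code}".format(**f)


if __name__ == "__main__":
    print(describe_dissenter_status(0xC010))        # value from the question
    print(describe_dissenter_status(0xF8DA0001))    # kDAReturnError, quoted above
```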
The above post nicely explains how to find out information about the error code which you are seeing.
However, how to actually solve the issue with unmount failing due to EBUSY?
If you don't care about processes that might still be using the mounted volume, you can just force the dismount by changing:
DADiskUnmount(disk, kDADiskUnmountOptionDefault...)
to
DADiskUnmount(disk, kDADiskUnmountOptionForce...)
Your idea of "reminding the user of closing this application" is more complicated to implement. If you really want to go that way, I guess you could parse the output of /usr/sbin/lsof to find the 'offending' process names.

Trouble with Google Finance API

When I am trying to buy shares using the Google Finance API I am getting an exception:
run:
Enter user ID: ****#gmail.com
Enter user password: ******
Enter transaction type: Buy
Enter transaction date (yyyy-mm-dd): 2010-03-10
Enter number of shares (optional, e.g. 100.0):
Enter price (optional, e.g. 141.14): 12.0
Enter commission (optional, e.g. 20.0): 23.0
Enter currency (optional, e.g. USD, EUR, JPY): USD
Enter any notes: Notes
Enter portfolio ID:
1
Enter ticker (EXCHANGE:SYMBOL):
NASDAQ:INFY
Inserting Entry at location: http://finance.google.com/finance/feeds/default/portfolios/1/positions/NASDAQ:INFY/transactions
The server had a problem handling your request.
com.google.gdata.util.ServiceForbiddenException: Forbidden
Exception message unavailable
at com.google.gdata.client.http.HttpGDataRequest.handleErrorResponse(HttpGDataRequest.java:561)
at com.google.gdata.client.http.GoogleGDataRequest.handleErrorResponse(GoogleGDataRequest.java:563)
at com.google.gdata.client.http.HttpGDataRequest.checkResponse(HttpGDataRequest.java:536)
at com.google.gdata.client.http.HttpGDataRequest.execute(HttpGDataRequest.java:515)
at com.google.gdata.client.http.GoogleGDataRequest.execute(GoogleGDataRequest.java:535)
at com.google.gdata.client.Service.insert(Service.java:1347)
at com.google.gdata.client.GoogleService.insert(GoogleService.java:599)
at financetester.Main.insertTransactionEntry(Main.java:169)
at financetester.Main.main(Main.java:81)
BUILD SUCCESSFUL (total time: 1 minute 4 seconds)