PayPass. Test Cases for Level 2 Terminal Testing

Transcription

1 PayPass Test Cases for Level 2 Terminal Testing

2 Copyright The information contained in this manual is proprietary and confidential to MasterCard International Incorporated (MasterCard) and its members. This material may not be duplicated, published, or disclosed, in whole or in part, without the prior written permission of MasterCard. Media This document is available in both electronic and printed format. MasterCard Worldwide - CCoE Chaussée de Tervuren, 198A B-1410 Waterloo Belgium Fax:

3 Table of Contents Using this Manual...1 Scope...1 Audience...1 Language Use...1 Document Word Usage...1 Related Publications...2 Abbreviations...2 Notations...4 Summary of changes Introduction Terminal Vendor Testing Process Test Case Template Description Overview Test Cases Common Test Cases...1 C : Protocol Activation - Activate contactless interface...1 C : Pre-Process - Reader clears Terminal Contactless Transaction Limit exceeded flag...1 C : Pre-Process - Reader clears Terminal Contactless Floor Limit exceeded flag...2 C : Pre-Process - Reader clears Terminal CVM Required Limit exceeded flag...2 C : Pre-Process - Reader sets Terminal Contactless Transaction Limit exceeded flag...3 C : Pre-Process - Reader sets Terminal Contactless Floor Limit Exceeded flag...4 C : Pre-Process - Reader sets Terminal CVM Required Limit Exceeded flag...5 C : Pre-Process - Reader does not set Terminal Contactless Transaction Limit...6 C : Pre-Process - Reader does not set Terminal Contactless Floor Limit Exceeded...7 C : Pre-Process - Reader does not set Terminal CVM Required Limit Exceeded...8 C : Pre-Process - Contactless transaction limit exceeded for all AIDs...9 C : Pre-Process - Limits have the same value (implicit test) C : PPSE - First command C : PPSE - Syntax of command Message C : PPSE - Data Field Returned in the Response Message C : PPSE - Additional data objects C : PPSE - SW <> C : PPSE - Mandatory data missing in response C : PPSE - Incorrectly formatted FCI C : Building candidate list - Matching ADF name C : Building candidate list - ADF Name entries longer C : Building candidate list - Ordering of the final candidate list C : Building candidate list - API b8 = C : Building candidate list - No priority (API set to 0) C : Building candidate list - Duplicate priorities C : Building candidate list - No priority C : Building candidate list - Next Highest priority C : Building candidate list - Candidate list for final application selection is empty C : Building candidate list - Candidate list is empty - API bit 8 = C : FINALSELECT - Data Field in the response message C : FINALSELECT - Format 'ans' (App. Label and App. preferred Name) C : FINALSELECT - Language Supported by PayPass reader i

4 Table of Contents C : FINALSELECT - PayPass reader uses language With Highest Preference C : FINALSELECT - Store data for later use C : FINALSELECT - Additional Data objects returned in the Response Message C : FINALSELECT - No optional data C : FINALSELECT - SW <> 9000 and only one mutual application C : FINALSELECT - SW <> 9000 and only 3 mutual application C : FINALSELECT - Accept format errors for Selection data objects C : FINALSELECT - Verification of DF Name fails C : GetPO - No PDOL C : GetPO - Amount and Transaction Details present before application activation C : GetPO - Syntax of response message: Format C : GetPO - Syntax of response message: Format C : GetPO - Ignore additional data objects C : GetPO - Reader ignores 4th byte of AFL C : GetPO - PDOL tag is not a reader resident data object C : GetPO - SW <> 9000 & C : GetPO - SW = M/Chip C : GetPO - SW = M/Chip - Combined test C : GetPO - SW = Mag Stripe C : GetPO - Mandatory data objects missing in format 1 & format 2: AIP C : GetPO - Mandatory data objects missing in format 1 & format 2: AFL C : GetPO - Verification of response message fails C : GetPO - AFL with an incorrect SFI C : GetPO - AFL with an incorrect starting record number C : GetPO - AFL with an incorrect ending record number C : ReadRecord - Each entry in the AFL (Combined test) C : ReadRecord - Each entry in the AFL (Not pre-defined AFL) C : ReadRecord - Record Data Format C : ReadRecord - Mapping of data objects into records C : ReadRecord - Store data elements C : ReadRecord - ISO Padding - padding between Data object C : ReadRecord - Padding: padding between Data object with FF C : ReadRecord - Padding: padding between Data object C : ReadRecord - ReadRecord - Proprietary data (M/Chip) C : ReadRecord - Proprietary data (Mag Stripe) C : ReadRecord - Record size in the range from 1 to 254 bytes C : ReadRecord - SFI range 1-10 (Non-pre-defined AFL) C : ReadRecord - SW <> C : ReadRecord - Incorrect record template C : ReadRecord - Proprietary data ignored by Terminal in SFI 1 to C : ReadRecord - Reader data objects in card response C : ReadRecord - Duplication of primitive data objects C : DOL - Object List consistency (1) C : DOL - Concatenation C : DOL - PDOL Requests Amount, Authorized & Amount, Other C : DOL - Card requesting 9F28 tag C : DOL - Unknown tag C : DOL - Data not yet available C : DOL - Tag with length= C : DOL - Known tag, missing in card C : DOL - Shorter data object length, numeric format C : DOL - Shorter data object length, other format C : DOL - Longer data object length, other format C : DOL - Longer data object length, numeric format C : DOL - Constructed tag C : Data Object Management - Length field - 1 byte C : Data Object Management - Length field - 2 bytes C : Data Object Management - Unique IFD and Terminal Country Code for each AID C : Data Object Management - Terminal Contactless Transaction Limit for each AID ii

5 Table of Contents C : Data Object Management - Terminal Contactless Floor Limit present for each AID C : Data Object Management - Terminal CVM Required Limit present for each AID C : Data Object Management - Support of data object during application activation C : Data Object Management - Separate instance of data object for each AID C : Data Object Management - with minimum length - Application identifier C : Data Object Management - with maximum length Application Identifier C : Miscellaneous - PayPass reader Support of Local Language C : Miscellaneous - PayPass reader Display of Messages in Local Language C : Miscellaneous - PayPass reader Support of Relevant Character Set C : Miscellaneous - Display For Attendant in Attended Terminal C : Miscellaneous - Capability of PayPass Reader Printer C : Miscellaneous - PayPass reader uses local language when no match is found C : Miscellaneous - PayPass reader Displays Message in Supported Language PayPass Mag Stripe Test Cases G : PPSE - Mandatory data objects missing: ADF Name G : FINALSELECT - Direct selection of application G : FINALSELECT - Incorrectly formatted FCI G : FINALSELECT - Mandatory data objects missing G : GetPO - RFU bit set in AIP - Mag Stripe G : GetPO - Mag Stripe reader accepts M/Chip card G : ReadRecord - Files containing multiple records (Non-pre-defined AFL) G : ReadRecord - 4 m.s. bytes same as PayPass Mag Stripe value G : ReadRecord - Optional Data Objects G : ReadRecord - Verifying PCVC3TR1, PUNATCTR1 and NATCTR1 are present G : ReadRecord - Verifying qtrack G : ReadRecord - Verifying ktrack1 - ttrack G : ReadRecord - Verifying nun G : ReadRecord - Verifying qtrack G : ReadRecord - Verifying PAN and Expiration Date in Track 1 Data G : ReadRecord - Storing recognized data objects-optional data G : ReadRecord - Copying process - Track 1 format error G : ReadRecord - Not verify service code in Track 1 data or Track 2 data G : ReadRecord - Missing data objects: Track 2 Data G : ReadRecord - Missing data objects: PUNATCTRACK G : ReadRecord - Missing data objects: PCVC3TRACK G : ReadRecord - Missing data objects: NATCTRACK G : ReadRecord - All mandatory data objects missing G : ReadRecord - PCVC3TRACK1 or PUNATCTRACK1 or NATCTRACK1 missing G : ReadRecord - Copying process - Track 2 format error G : ReadRecord - Data Object incorrectly formatted: PUNATCTRACK G : ReadRecord - Data Object incorrectly formatted: PCVC3TRACK G : ReadRecord - Data Object incorrectly formatted: NATCTRACK G : ReadRecord - Copying process - Track 1 format error G : ReadRecord - Data Object incorrectly formatted: Track 1 Data G : ReadRecord - Data Object incorrectly formatted: PUNATCTRACK G : ReadRecord - Data Object incorrectly formatted: PCVC3TRACK G : ReadRecord - Data Object incorrectly formatted: NATCTRACK G : ReadRecord - Data Object incorrectly formatted: UDOL G : ReadRecord - ktrack2 < ttrack G : ReadRecord - nun > G : ReadRecord - qtrack2 < G : ReadRecord - qtrack1 < G : ReadRecord - ktrack1 - ttrack1 is not equal to nun G : ReadRecord - ktrack1 < ttrack G : ReadRecord - PAN discrepancy in Track 1 and Track G : ReadRecord - PAN & Expiration Date discrepancy in Track 1 and Track G : ReadRecord - Expiration Date discrepancy in Track 1 and Track G : Processing restrictions - AVN assigned by the payment system iii

6 Table of Contents G : Processing restrictions - AVN (card) present and supported G : Processing restrictions - AVN (card) present and not recognized G : Processing restrictions - AVN (card) not present G : CCC - No UDOL G : CCC - UDOL G : CCC - Unpredictable Number G : CCC - Generating an Unpredictable Number (nun = 0) G : CCC - Response contains only mandatory data objects G : CCC - Response contains mandatory and optional data objects G : CCC - Response contains mandatory, optional and additional data objects G : CCC - SW <> '9000' G : CCC - Mandatory card data object missing G : CCC - CVC3TRACK2, ATC missing G : CCC - CVC3TRACK1 missing G : CCC - No response to the CCC command G : CCC - Response not correctly formatted G : TrackComputation - Correctly builds discretionary data G : TrackComputation - Copying CVC3TRACK G : TrackComputation - Copying UN into Track 2 Data G : TrackComputation - Copying ATC to Track 2 Data G : TrackComputation - Copying nun G : TrackComputation - Copying CVC3TRACK G : TrackComputation - Copying UN into Track 1 Data G : TrackComputation - Copying ATC to Track 1 Data G : TrackComputation - Track 1 - nun at the end G : Completion - Data record with correct DDCARD,TRACK1, DDCARD,TRACK G : Completion - Optional data missing G : Completion - Data record with correct Third Party Data G : Completion - Mag Stripe Optional data missing G : Completion - Mag Stripe Optional data present G : Completion - Mag Stripe Optional data present G : DOL - UDOL - with maximum length G : Data Object Management - With minimum length G : Data Object Management - With maximum length G : Data Object Management - CVMlist not stored G : Refund - Data record G : Refund - Combined PayPass M/Chip Test Cases M : Pre-Process - CVM and Floor limits do not impact Mag Stripe transactions M : PPSE - Mandatory data missing: ADF Name, API M : FINALSELECT - SW <> Combined test M : FINALSELECT - Mandatory data objects missing M : FINALSELECT - Incorrectly formatted FCI M : GetPO - Valid PDOL M : GetPO - All bits in TVR and CVM results are set to 0b (1) M : GetPO - All bits in TVR are set to 0b (2) M : GetPO - All bits in TVR are set to 0b (3) M : GetPO - All bits in TVR are set to 0b (4) M : GetPO - All bits in TVR are set to 0b (5) M : GetPO - All bits in TVR are set to 0b (6) M : GetPO - Retrieval of AIP and AFL M : GetPO - AIP B2b8=1 and PayPass - Mag Stripe indicator not set M : GetPO - AIP B2b8=0 and PayPass - Mag Stripe indicator not set M : GetPO - RFU bit set in AIP - MChip M : GetPO - AFL with an incorrect number of records participating in ODA M : GetPO - Padding in format 1 response M : GetPO - Padding in format 2 response M : ReadRecord - Pre-defined AFL - no ODA iv

7 Table of Contents M : ReadRecord - Pre-defined AFL - SDA M : ReadRecord - Pre-defined AFL - CDA M : ReadRecord - Pre-defined AFL Online only M : ReadRecord - Files containing multiple records (Non-M/Chip profile AFL) M : ReadRecord - Length of Mandatory Data Objects: PAN M : ReadRecord - Padding of Data Objects: Track 2 equivalent Data M : ReadRecord - Mandatory data - SDA tag list not in SFI2 - record M : ReadRecord - Length coded on 2 bytes and data less than M : ReadRecord - Data objects processing (Unrecognized Data Objects) M : ReadRecord - Mandatory data missing - PAN M : ReadRecord - Mandatory data missing - CDOL M : ReadRecord - Mandatory data missing - Application Expiration Date M : ReadRecord - Mandatory data missing - SDA tag list M : ReadRecord - Duplication of data objects (MChip) M : Processing restrictions - AVN, AUC and Expired Application M : Processing restrictions - Processing the Year M : Processing restrictions - Calculation, Storage, and Display Date-Dependant Fields For Year M : Processing restrictions - Calculation of Dates M : Processing restrictions - Current Date is later than Application Expiration Date M : Processing restrictions - Current date is later than expiration date(leap year date) M : Processing restrictions - Current Date is equal to the Application Expiration Date M : Processing restrictions - Current Date equal to expiration date(leap year) M : Processing restrictions - Current Date is earlier than Application Expiration Date M : Processing restrictions - Current date is earlier than expiration date M : Processing restrictions - Current Date is earlier than Application Effective Date M : Processing restrictions - Current Date is equal to Application Effective Date M : Processing restrictions - Current Date is later than Application Effective Date(implied) M : Processing restrictions - Effective date out of range M : Processing restrictions - Expiration Date out of range M : Processing restrictions - PayPass reader Checks Presence of card in Exception file M : Processing restrictions - TVR Set if Match is Found in Exception File M : Processing restrictions - AVN assigned by the payment system M : Processing restrictions - AVN same M : Processing restrictions - Card and PayPass reader AVN are different M : Processing restrictions - AVN missing M : Processing restrictions - AUC missing M : Processing restrictions - AUC valid at ATM and other than ATM M : Processing restrictions - ICC match with TCC,'Valid for domestic goods set to 1 in AUC' M : Processing restrictions - ICC match with TCC,'Valid for domestic services set to 1 in AUC' M : Processing restrictions - No match with ICC and TCC 'Valid for international goods set to 1 in AUC' M : Processing restrictions - No match with ICC and TCC 'Valid for international services set to 1 in AUC' M : Processing restrictions - No match with ICC and TCC 'Valid for international goods not set to 1 in AUC' M : Processing restrictions - No match with ICC and TCC 'Valid for international services not set to 1 in AUC' M : Processing restrictions - ICC match with TCC,'Valid for domestic goods not set to 1 in AUC' M : Processing restrictions - ICC match with TCC,'Valid for domestic services not set to 1 in AUC' M : Processing restrictions - AUC set to 'Not valid for other than ATM' M : Processing restrictions - AUC set to 'Valid for other than ATM' M : Terminal Risk Management - Terminal Risk Management bit in AIP M : CVM selection - Cardholder Verification is supported in the AIP M : CVM selection - Supported CVM M : CVM selection - CVM condition-always M : CVM selection - Condition not satisfied M : CVM selection - Condition If supported and code not supported (Online PIN) v

8 Table of Contents M : CVM selection - Condition If supported and code not supported (Signature) M : CVM selection - no condition satisfied and no more CVRs M : CVM selection - If Transaction is under X value when the transaction amount = X M : CVM selection - If Transaction is over X value when transaction amount = X M : CVM selection - If Transaction is under Y value when the transaction amount = Y M : CVM selection - If Transaction is over Y value when the transaction amount = Y M : CVM selection - If unattended Cash and transaction is not cash M : CVM selection - If manual cash, and transaction is not manual cash M : CVM selection - CVM processing fails and CVR indicates to proceed with next rule M : CVM selection - If unattended Cash and transaction is not cash M : CVM selection - If manual cash, and transaction is not manual cash M : CVM selection - If purchase with cashback, and transaction is not purchase with cashback M : CVM selection - RFU bit setting in CVM List M : CVM selection - CVM processing fails and no more CVRs in the CVM List M : CVM selection - CVM processing fails and CVR indicates to not proceed with next rule M : CVM selection - Condition satisfied and Code is supported (No CVM) M : CVM selection - Condition satisfied and Code not supported (No CVM) M : CVM selection - Condition satisfied and Code not supported (No CVM) M : CVM selection - Condition satisfied and Code is supported (signature) M : CVM selection - Condition satisfied and Code is supported (PIN Online) M : CVM selection - Condition satisfied and Code not supported (Online PIN) M : CVM selection - Condition satisfied and Code not supported (Online PIN) M : CVM selection - Condition satisfied and non-paypass Code M : CVM selection - Condition satisfied and non-paypass Code M : CVM selection - Condition satisfied and Code not supported (signature) M : CVM selection - Condition satisfied and Code not supported (signature) M : CVM selection - Functions not specified in the AIP: Cardholder verification M : CVM selection - CVM Results Set With Method Code and Condition Code of Last CVM Performed M : CVM selection - CVM Results Set With Method Code and Condition Code of Last CVM Performed (5) M : CVM selection - CVM Results Set With Method Code and Condition Code of Last CVM Performed (3) M : CVM selection - CVM processing succeeds (2) M : CVM selection - CVM processing succeeds (3) M : CVM selection - CVM processing succeeds -No CVM M : CVM selection - ICC Data required by the CVM Condition Code is missing M : CVM selection - CVM List is not present in the ICC M : CVM selection - CVM List with no Cardholder Verification Rules M : CVM selection - Condition Code outside the range of understood codes M : CVM selection - condition satisfied and Code not understood b7= M : CVM selection - condition satisfied and Code not understood b7= M : CVM selection - Condition satisfied and Code is "Fail CVM" - b7= M : CVM selection - Condition satisfied and CVM Code is Fail CVM b7= M : TAA - TVR and IAC-Denial check requests a TC (implied) M : TAA - TAC Denial processing bit set to 0b M : TAA - TAC Online Processing bit set to 0b M : TAA - Reader has online capability, TVR and IAC-Online Codes check requests a TC (implied) M : TAA - Reader has not online capability, TVR and IAC default check requests a TC M : TAA - TAC Default processing bit set to 0b & PayPass reader has no online capability M : TAA - Requests a TC on first GenAC M : TAA - TVR and IAC-Denial/Online check requests a ARQC (implied) M : TAA - TAC Denial processing bit set to 0b and IAC online to 1b M : TAA - Reader has online capability, TVR and IAC-Online check requests an ARQC M : TAA - Online only terminal requests an ARQC when not matching TAC-Online or IAC-Online M : TAA - TAC Online Processing bit set to 1b M : TAA - Requests an ARQC on first GenAC vi

9 Table of Contents M : TAA - IAC-Denial is not present in the ICC M : TAA - IAC-Online is not present in the ICC M : TAA - IAC-Default is not present in the ICC and the PayPass reader is offline only M : TAA - TVR and IAC-Denial check requests an AAC M : TAA - TAC Denial processing bit set to 1b M : TAA - Reader has not online capability, TVR and IAC-Default check requests an AAC M : TAA - TAC Default processing bit set to 1b & PayPass reader has no online capability M : TAA - Requests a AAC at first GenAC M : GenerateAC - CDOL1 for the first GenAC M : GenerateAC - No CDA request when DA selected is not CDA M : GenerateAC - No CDA request when CDA failed M : GenerateAC - No ODA to be performed M : GenerateAC - PayPass reader completes transaction when card indicated approval M : GenerateAC - Syntax of response message: Format M : GenerateAC - Syntax of response message: Format M : GenerateAC - Retrieval of CID M : GenerateAC - CID - TC M : GenerateAC - CID- ARQC M : GenerateAC - CID- AAC M : GenerateAC - RAPDU with an TC in first GenAC M : GenerateAC - Response template when CDA - mandatory items - CID M : GenerateAC - Response template when CDA not requested - mandatory items - CID M : GenerateAC - Response template when CDA - mandatory items - ATC M : GenerateAC - Response template when CDA not requested - mandatory items - ATC M : GenerateAC - Response template when CDA not requested - mandatory items - AC M : GenerateAC - Response template when CDA not requested - optional items - IAD M : GenerateAC - Response template when CDA requested - optional items - IAD M : GenerateAC - Proprietary data objects M : GenerateAC - If CDA performed - data record contain valid Application Cryptogram M : GenerateAC - SW <> M : GenerateAC - Mandatory data object - CID missing M : GenerateAC - Mandatory data object - AC missing M : GenerateAC - Mandatory data object - ATC missing M : GenerateAC - Mandatory data objects missing, format 1, TC response M : GenerateAC - Mandatory data objects missing, format 2, TC response M : GenerateAC - Response template tag missing - CDA not supported M : GenerateAC - Mandatory data is missing when CDA generation requested M : GenerateAC - Additional data objects in SDAD calculation - CDA M : GenerateAC - Incorrect response M : GenerateAC - Incorrect format - CDA generation requested M : GenerateAC - ARQC in format 1 without CDA M : GenerateAC - Reversal Used M : GenerateAC - Card responds with a AAC on first GenAC M : GenerateAC - AAC in format 1 or M : GenerateAC - Offline only and ARQC M : GenerateAC - AAC not digitally signed M : GenerateAC - TC not in format M : GenerateAC - Cryptogram at a higher level than requested (1) M : GenerateAC - CID - AAR M : GenerateAC - Padding in format 1 response M : GenerateAC - Padding in format 2 response M : SDA - PayPass reader shall be able to store 6 CA Index per RID M : SDA - Bit Length of all Moduli M : SDA - Value of Certification Authority Public Key Exponent M : SDA - Value of Issuer Public Key Exponent M : SDA - Algorithm For SDA M : SDA - Issuer Identifier with length between 3 to 8 digits M : SDA - Relationship Between the Lengths of the CA, Issuer, and ICC Public Keys M : SDA - Upper bound for size of moduli vii

10 Table of Contents M : SDA - Rules for Processing the records identified by the AFL M : SDA - Rules for Processing the Input Data M : SDA - Rules for Processing the Input Data(2) M : SDA - Proprietary data participating in SDA M : SDA - Hash Result of SDA calculated with a long string of data M : SDA - Certification Revocation List update, removal M : SDA - Certification Revocation List update, addition M : SDA - Issuer Public Key Remainder not needed M : SDA - Processing AIP during Offline SDA M : SDA - Card supports SDA and Not CDA M : SDA - Card supports SDA, DDA and does not support CDA generation M : SDA - Mandatory Data Objects for SDA M : SDA - Non recognized data object participating in ODA M : SDA - Calculation of Dates Associated With SDA M : SDA - SSAD data set to FF M : SDA - SSAD value set to 1 byte value other than FF M : SDA - SSAD has length M : SDA - no ODA supported by the reader M : SDA - SDA Tag List -Contains only AIP M : SDA - ODA - Functions not specified in the AIP M : SDA - Unknown CA Public Key M : SDA - Set TVR when mandatory SDA objects missing M : SDA - Combined test M : SDA - Issuer Public Key Remainder missing M : SDA - Rules for Processing the records identified in AFL M : SDA - Length of Issuer Public Key Certificate M : SDA - Recovered Data Trailer not equal to 'BC' M : SDA - Recovered Data Header not equal to '6A' M : SDA - Certificate Format not equal to '02' M : SDA - Difference between calculated Hash Result and recovered Hash Result M : SDA - Issuer Identifier does not match leftmost 3-8 PAN digits M : SDA - Certificate Expiration Date earlier than today's date M : SDA - Non-TLV coded proprietary data participating in ODA M : SDA - RID, CA Public Key Index and Certificate Serial Number not valid M : SDA - Issuer Public Key Algorithm not recognized M : SDA - Signed Static Application Data Length not OK M : SDA - Recover Data Trailer not equal to 'BC'-SSAD M : SDA - Recover Data Header not equal to '6A'-SSAD M : SDA - Certificate Format not equal to '03'-SSAD M : SDA - SDA Tag List in SDA M : SDA - Difference between calculated Hash Result and recovered Hash Result-SSAD M : SDA - PayPass reader terminates when SDA failed M : CDA - GenAC Reference Control Parameter M : CDA - CDA is the ODA to be performed M : CDA - CDA is the ODA to be performed - SDA must not be performed M : CDA - Unpredictable Number generated by the PayPass reader M : CDA - CDA not performed when card returns ARQC M : CDA - Rules for Processing the Input Data M : CDA - Rules for Processing the Input Data(2) M : CDA - Proprietary data participating in offline CDA generation M : CDA - Non recognized data object participating in ODA M : CDA - Rules for Processing the records identified by the AFL - SFI in range M : CDA - Hash Result of ICC Public Key calculated with a long string of data M : CDA - Issuer Identifier with length between 3 to 8 digits (2) M : CDA - Bit Length of All Moduli M : CDA - PDOL in CDA M : CDA - Values of CDOL1 for Transaction Data hash M : CDA - Non-TLV coded proprietary data participating in ODA M : CDA - Value of CA Public Key Exponent viii

11 Table of Contents M : CDA - Value of Issuer Public Key Exponent M : CDA - Value of ICC Public Key Exponent M : CDA - Success when 9F 4B data length < 128bytes and length coded on 2 bytes M : CDA - Success when 9F 4B data length > 128bytes and length coded on 2 bytes M : CDA - Upper bound for size of moduli M : CDA - PayPass reader shall be able to store 6 CA Index per RID M : CDA - Relationship Between the Lengths of the CA, Issuer, and ICC Public Keys M : CDA - Algorithm for CDA M : CDA - Issuer Public Key Remainder not needed M : CDA - ICC Public Key Remainder not needed M : CDA - no CDA request if ARQC M : CDA - Length of Issuer Public Key Certificate M : CDA - Recovered Issuer Data Trailer not equal to 'BC' M : CDA - Recovered ICC Data Trailer not equal to 'BC' M : CDA - Recovered Issuer Data Header not equal to '6A' M : CDA - Certificate Format not equal to '02' M : CDA - Calculated Hash Result <> recovered Issuer Hash Result (2) M : CDA - Calculated Hash Result <> recovered ICC Hash Result M : CDA - Issuer Application Data M : CDA - Issuer Identifier does not match leftmost 3-8 PAN digits M : CDA - Issuer Certificate Expiration Date earlier than today's date M : CDA - ICC Certificate Expiration Date earlier than today's date M : CDA - RID, CA Public Key Index and Certificate Serial Number not valid M : CDA - RID, CA Public Key Index and Certificate Serial Number not valid (2) M : CDA - Issuer Public Key Algorithm not recognized M : CDA - Length of ICC Public Key Certificate M : CDA - Recovered ICC Data Header not equal to '6A' M : CDA - ODA - Functions not specified in the AIP M : CDA - Certificate Format not equal to '04'-ICC Certificate M : CDA - SDA Tag List Contains AFL M : CDA - Recovered PAN is not equal to read PAN-ICC Certificate M : CDA - ICC Public Key Algorithm not recognized M : CDA - SDAD Length M : CDA - Recovered Data trailer not equal to BC-SDAD M : CDA - Recovered Data header not equal to 6A-SDAD M : CDA - Recovered Signed Data Format not equal to 05-SDAD M : CDA - Recovered CID different from CID obtained after GenAC (1) M : CDA - Compare hash result-sdad M : CDA - Compare Transaction Data Hash Code-SDAD M : CDA - Unknown CA Public Key M : CDA - Set TVR when mandatory CDA objects missing M : CDA - Response template tag missing - CDA supported M : CDA - Issuer Public Key Remainder missing M : CDA - ICC Public Key Remainder missing M : CDA - Rules for Processing the records identified by the AFL - SFI in range M : CDA - Certification Revocation List update, removal M : CDA - Certification Revocation List update, addition M : CDA - No CDA generation when AAC M : CDA - CDA failed when ICC responded with TC (1) M : CDA - ICC responds with AAR with SDAD M : CDA - ICC responds with AAR without SDAD M : CDA - ICC Dynamic Data M : Completion - MChip Optional data present in Offline Transaction M : Completion - MChip - Optional data present in Online Transaction M : Completion - PayPass reader transmits data record M : Completion - MChip - Optional data not present (Offline Transaction) M : Completion - MChip - Optional data not present (Online Transaction) M : DOL - Data Elements are Initialized in PayPass reader M : DOL - Unpredictable Number (Tag 9F 37) in CDOL ix

12 Table of Contents M : DOL - CDOL1 - Authorized Amount M : DOL - Clock local date and Time M : DOL - longer data object length, compressed numeric format M : Data Object Management - Optional Data Objects M : Data Object Management - with minimum length M : Data Object Management - with maximum length (2) M : Data Object Management - with maximum length (1) M : Data Object Management - with maximum length (3) M : Data Object Management - PayPass reader Displays Error Message if Verification Process fails M : Integrated terminal features - Amount Entry Separate From PIN Entry M : Integrated terminal features - online request message when ARQC M : Integrated terminal features Digit PIN (Online PIN) M : Integrated terminal features - Protection of Values of Entered PIN M : Integrated terminal features - Data Printed on Receipt M : Integrated terminal features - Protection of PIN During Online PIN Verification M : Integrated terminal features - Application Used Identified on Receipt M : Integrated terminal features - Protection of Captured Transactions M : Integrated terminal features - PayPass reader Prints Receipt With Line for Cardholder Signature M : Integrated terminal features - PIN entry when Online PIN selected as CVM M : Combined test - GetPO and GenAC with different response format M : Combined test - SDA and Record length coded on 1 or 2 bytes M : Combined test - SDA and Record length of proprietary file coded on 1 or 2 bytes M : Combined test - GetPO and GenAC with different response format, CDA M : Combined test - CDA and Record length coded on 1 or 2 bytes M : Combined test - CDA and Record length of proprietary file coded on 1 or 2 bytes M : Combined test - Combined functions M : Combined test - Valid PDOL, SDA, SIGNATURE, GetPO, GenAC in format M : Combined test - PDOL empty, SDA, Paper Signature, No Issuer Authentication, GenAC Format M : Combined test - PDOL empty, SDA, Plaintext PIN, No Issuer Authentication, GenAC Format M : Combined test - TVR byte checking: Online Only, TRM, AUC M : Combined test - TVR byte checking: Offline Capable, no TRM, no AUC M : Combined test - TVR byte checking: Offline Capable, TRM, AUC M : Combined test - GetPO Format 2, SDA, Plaintext PIN, No Issuer Authentication, GenAC Format M : Combined test - GetPO Format 1, SDA, Paper Signature, No Issuer Authentication, GenAC Format M : Combined test - GetPO Format 2, TRM, SDA, CDA, EncPIN, GenAC Format M : Combined test - CDA, Keys remainder missing, Proprietary Data and EMV data M : Miscellaneous - CDOL1 - Additional Terminal Capabilities M : Miscellaneous - CDOL1 - Terminal Capabilities M : Miscellaneous - CDOL1 - Terminal Type M : Miscellaneous - Coding of Bits and Bytes RFU - Capabilities M : Miscellaneous - Coding of Bits and Bytes RFU - IAC and TAC set to M : Miscellaneous - Generation of Unpredictable Number M : Miscellaneous - Coding of Bits and Bytes RFU - IAC set to M : Refund - No Processing restrictions M : Refund - No Terminal Risk Management M : Refund - No CVM selection M : Refund - No TAA M : Refund - No ODA M : Refund - Combined x

13 Using this Manual Using this Manual This chapter contains information that helps you understand and use this document. Scope This document lists the test cases used for the PayPass Terminal Type Approval Level 2 (for both PayPass Mag Stripe and PayPass M/Chip). Audience This document is intended for use by terminal vendors who want to obtain approval for their PayPass implementation. Language Use The spelling of English words in this manual follows the convention used for U.S. English as defined in Webster s New Collegiate Dictionary. MasterCard is incorporated in the United States and publishes in the United States. Therefore, this publication uses U.S. English spelling and grammar rules. An exception to the above spelling rule concerns the spelling of proper nouns. In this case, we use the local English spelling. Document Word Usage When a test deals with Refund, the document explicitely mentions a Refund transaction. When a test deals with Payment, the document mentions either Payment transaction or Transaction. 1

14 Introduction Related Publications The following publications contain information related to the contents of this manual. MC v2.1 MS v3.3 EMV 4.2b EMV BOOK 1 EMV BOOK 2 EMV BOOK 3 EMV BOOK 4 AN2 VTG PayPass - MChip Reader Card Application Interface Specification (V2.1) (April, 2010) PayPass Mag Stripe Technical Specifications, Version 3.3 December EMVCo Type Approval Terminal Level 2 Test Cases v4.2b, Feb 4, 2010 Integrated Circuit Card Specification for Payment Systems: Application Independent ICC to Terminal Interface Requirements. Version 4.2, June 2008 Integrated Circuit Card Specification for Payment Systems: Security & Key Management. Version 4.2, June 2008 Integrated Circuit Card Specification for Payment Systems: Application Specification. Version 4.2, June 2008 Integrated Circuit Card Specification for Payment Systems: Cardholder, Attendant and Acquirer Interface Requirements. Version 4.2, June 2008 MasterCard PayPass Application #2, January 30, 2008 PayPass Vendor Testing Process v1.2 September 2009 ICS PayPass M/Chip ICS v2.1 Abbreviations The following abbreviations are used in this manual, (see also Chapter 1 PayPass List): Abbreviation AAC AAR AC ADF AEF AFL AID AIP an Description Application Authentication Cryptogram Application Authorization Referral Access Application Definition File Application Elementary File Application File Locator Application Identifier Application Interchange Profile Alphanumeric 2

15 Using this Manual Abbreviation Description API Application Priority Indicator ARQC Authorization Request Cryptogram ATC Application Tranaction Counter AUC Application Usage Control b Binary CA Public Key Certificatiuon Authority Public Key CCC Compute Cryptographic Checksum CDA Combined DDA/AC generation CDOL Card Risk Management Data Object List CID Cryptogram Information Data CVC Card Validation Code CVM Cardholder Verification Method CVR Cardholder Verification Results DDA Dynamic Data Authentication DDF Directory Definition File DF Definition File DOLs Data Object Lists EMV Europay MasterCard Visa FCI File Control Information FCI File Control Information hex. Hexadecimal IAC Issuer Action Code ICC Integrated Circuit Card Id Identification IIN Issuer Identification Number ISO International Organization for Standardization LT Lower Tester (device used to test the terminal: either a card or a probe) M/C MasterCard M/Chip MasterCard Chip n Numeric NCA Length of the Certificate Authority Public Key Modulus P1 Parameter 1 P2 Parameter 2 PAN Primary Account Number PDOL Processing Data Object List 3

16 Introduction Abbreviation PIN PK Certificate PPSE RFU RID SDA TAC TC TDOL TRM TSI TVR UDOL UN Description Personal Identification Number Public Key Certificate PayPass Payment System Environment Reserved for Future Use Registered Application Provider Identifier Static Data Authentication Terminal Authentication Code Transaction Certificate Transaction Certificate Data Object List Tertminal Risk Management Transaction Status Information Terminal Verification Results Unprdictable Number Data Object List Unpredictable Number Notations The following notations apply: Notation Description 0 to 9 and A to F 16 hexadecimal digits. Values expressed in hexadecimal form are enclosed in single quotes (i.e. _ ). 1001b abcd Binary notation. Values expressed in binary form are followed by a lower case b. an or ans string. # Number. [ ] xx Optional part. Any value. 4

17 Using this Manual Summary of changes The differences between version October 2009 and are the following: a) Alignment with [MC v2.1] (29 changes) b) Alignment with [EMV 4.2b] (14 changes) c) Test coverage improvement (17 changes, 1 major) d) Renamed tests Below are some more details. a) Alignment with [MC v2.1] Test Name Change Impact C Test Case update for Refund potential C Test Case update for Refund potential C Test removed since it was for EntryPoint None C Test Case update for Refund potential C Test Case update for Refund potential C Test Case update for Refund potential C Test Case update for Refund potential C Test Case update for Refund potential C Test Case update for Refund potential G Test Case update for Refund potential G Test Case update for Refund potential G Test Case update for Refund potential G Test Case update for Refund potential G Test Case update for Refund potential G Test Case update for Refund potential G Test Case update for Refund potential G New test for Refund potential G New test for Refund potential M Test Case update for Refund potential M Test Case update for Refund potential 5

18 Introduction M Test Case update for Refund potential M Test Case update for Refund potential M Test update (Merchant Custom Data) potential M New test for Refund potential M New test for Refund potential M New test for Refund potential M New test for Refund potential M New test for Refund potential M New test for Refund potential b) Alignment with [EMV 4.2b] Test Name Change Impact C Sub-cases 4, 5, 6 added to test the GetPO format 2 with a reserved EMV data item C Test Case aligned with the EMVCo related test (2CL ISO padding). C Test Case aligned with the EMVCo related test (2CL ISO padding). C Test Case aligned with the EMVCo related test (2CL ISO padding). potential potential potential potential C New test case about SFI 1 to 30 potential C Test case reviewed to better test the 2 bytes length field M New test (GetPO - Padding in format 1 response) M New test (GetPO - Padding in format 2 response) M New test (GenerateAC - Padding in format 1 response) M New test (GenerateAC - Padding in format 2 response) M New test (CDA-Iss Public Key Remnder missing) previously tested in M M New test (CDA-ICC Public Key Remnder missing) previously tested in M M New test case about ICC Dynamic Data length, as per EMV 4.2b potential potential potential potential potential potential potential potential 6

19 Using this Manual c) Test coverage improvement Test name Change Impact G New sub case (Track1 with separator) potential G Test case reviewed (sub cases 3 and 4) potential G New test (Mag Stripe data record with optional data present) G Test was reviewed to include min and max length for all data record objects potential potential M TVR B3b7 now checked potential M TVR B3b7 now checked potential M TVR B3b7 now checked potential M TVR B3b7 now checked potential M TVR B3b7 now checked potential M TVR B3b7 now checked potential M TVR B3b7 now checked potential M TVR B3b7 now checked potential M New key lengths (144, 176) tested potential M New sub case for maximum key sizes major M New key length (144, 176) tested potential M Test case reviewed to include min and max length for all data record objects M Test case reviewed to include min and max length for all data record mandatory objects potential potential d) Renamed tests Previous test name New test name C M C M C M C C C C

20 Introduction C C G G C G G G G G G G C G C G G G C M M M C M M M M M M M M M M M M M M M M M C M C M

21 Introduction 1 Introduction This chapter contains an introduction to the testing process. 1.1 Terminal Vendor Testing Process The Vendor Testing Guide [VTG] document describes the process PayPass terminal vendors must follow for their products to be approved by MasterCard. One of the steps of this process is the Terminal Type Approval Level 2 (TTA L2). The objective of TTA L2 is to ensure the MasterCard PayPass application embedded in the terminal is compliant with requirements as defined in [MC V2.1] or [MS V3.3]. The compliance of a terminal to the application requirements is verified by executing tests specified by tests cases. A test case: covers a specific objective (for example: ensure that if, in the course of normal processing, the terminal recognises that data returned by the card is incorrectly formatted, then the terminal terminates processing.). refers to a specific requirement from the PayPass specifications. defines the conditions (card & terminal state) that must be met before the tests can be started. defines the procedure to execute the tests defines the criteria that allow a test to be considered as successful. 1-1

22 Introduction 1.2 Test Case Template Description Overview This paragraph describes the Test Case template used in this document. Test Case number and name Test objective Optional implementation needed to run this test Specification section Card configuration required for this test Test procedure Condition of test validation C SELECT PPSE Data Field Returned in the Response Message To ensure that the terminal ignores the presence of data objects returned in the SELECT PPSE response data that are not defined in [M/C PROFILE]. [PPSE] [MS V3.3]: Exception Processing [MC V2.1]: Exception Processing [EMV 4.2b]: N/A The terminal and LT have at least one mutually-supported application. The FCI Issuer Discretionary Data data object in the FCI of the PPSE contains a single directory record and the contents of this directory record correspond to one of the applications supported by the terminal. FCI of PPSE contains data objects that are not defined in [M/C PROFILE]. Application in LT is selected and transaction is performed with LT. The terminal issues a SELECT command with AID identical to the ADF Name in the directory record returned in the FCI of the PPSE. 1-2