implementing American Express EMV acceptance on a Terminal


Implementing American Express EMV Acceptance on a Terminal
EMV tools
American Express Integrated Circuit Card Payment Specification

The policies, procedures, and rules in this manual are subject to change from time to time by American Express. Copyright 2007 by American Express Travel Related Services Company, Inc. All rights reserved. No part of this document may be reproduced in any form or by any electronic or mechanical means, including information storage and retrieval systems, without the express prior written consent of American Express Travel Related Services Company, Inc. EMV is a trademark of EMVCo, LLC. PCI Security Standards Council is a trademark of PCI Security Standards Council, LLC. All other trademarks and brands are the property of their respective owners.

CONTENTS
SECTION 1: INTRODUCTION Overview How to Use This Guide Reference Documents Requirement Notation
SECTION 2: EMV SPECIFICATIONS Industry Specifications AEIPS: American Express Integrated Circuit Card Payment Specification
SECTION 3: TERMINAL REQUIREMENTS BY EMV TRANSACTION STEP Introduction EMV Transaction Steps
Step 1: Application Selection
Step 2: Initiate Application Processing
Step 3: Read Application Data
Step 4: Offline Data Authentication
Step 5: Processing Restrictions
Step 6: Cardholder Verification
Step 7: Terminal Risk Management
Step 8: 1st Terminal Action Analysis
Step 9: 1st Card Action Analysis
Step 10: Online Transaction Processing
Step 11: Issuer Authentication
Step 12: 2nd Terminal Action Analysis
Step 13: 2nd Card Action Analysis
Step 14: Issuer Script Processing
Step 15: Transaction Completion

SECTION 4: SPECIAL TRANSACTION PROCESSING AEIPS Requirements During Technical Scenarios Fallback Premature Card Removal Referral Transactions Declined Transactions Stand-In Authorization Reversals AEIPS Requirements During Situational Scenarios Refunds Card Not Present Card Not Yet Present Transaction Amount Not Yet Known Card No Longer Present Card Re-Presented for Final Charge Adding a Gratuity AEIPS Requirements for Unattended Payment Terminal (UPT) Scenarios Cardholder Verification on UPTs Fallback on UPTs Online Capability with UPTs
SECTION 5: AEIPS TERMINAL CERTIFICATION Introduction How to Perform AEIPS Terminal Certification AEIPS Terminal Certification Test Plan [AEIPS-TEST] Setting Up the Terminal Prior to AEIPS Terminal Certification Additional Parameters and Requirements for Stand-In Certification Mandatory Data for Diagnostics Connectivity Test

5.5. Completing the AEIPS Test Plan Documentation TVR and TSI Setting Requirements Overview of AEIPS Terminal Certification Tests Mandatory Tests Tests That Are Based on the Terminal's Functionality Tests That Are Performed When There Are Communication Changes
SECTION 6: MERCHANT EDUCATION Guidance for a Successful Training Program
APPENDIX A: CAPK INFORMATION
APPENDIX B: DISPLAYABLE MESSAGES
APPENDIX C: GLOSSARY AND ACRONYMS

SECTION 1: INTRODUCTION

1.1. Overview

This guide is designed to assist you (the Terminal Vendor, Merchant, Reseller, or Third Party Processor) with implementing American Express EMV acceptance on a Terminal, using the American Express Integrated Circuit Card Payment Specification (AEIPS). This guide assumes that you have a basic understanding of EMV. By studying the guide and reference documents, you will gain a sound understanding of the requirements, policies, and procedures, as well as the configuration options, which apply specifically to American Express. You will also find helpful hints, in the form of Best Practices, to aid you in understanding how best to implement American Express EMV acceptance.

This guide details only the American Express-specific requirements and configurable options for implementing EMV technology. Unless otherwise detailed within the document, process transactions as described within the EMVCo specifications. Additionally, this guide outlines only the globally-standard requirements for implementing AEIPS; there may be additional country-specific or Acquirer-specific requirements. To learn more details about EMV implementation, please contact your Acquirer or American Express Representative, or visit the EMVCo website.

How to Use This Guide

While this guide is not a definitive technical specification, it will provide a roadmap to allow you a more thorough understanding of American Express EMV implementation. You will find additional support in the technical reference documents cited in 1.3. For your convenience, a Glossary and Acronyms section is also included at the end of this document, which you can refer to as you encounter unfamiliar terms, acronyms, or phrases. Words that are defined in the glossary are capitalized when used in this guide.

Reference Documents

All documents that are referred to within this guide are listed in Table 1. These documents will be referenced using the abbreviations provided.
This is not an exhaustive list of available documents. Please contact your American Express Representative to learn about the additional reference documents that are available.

Table 1: Reference Documents
Abbreviation | Full Document Name | Source
[AEIPS-TEST] | AEIPS Test Plan v5.2, American Express | Please contact your American Express Representative
[AEIPS-TERM] | AEIPS Terminal Specification (AEIPS 4.1), American Express | Please contact your American Express Representative
[AEIPS-CARD] | AEIPS Chip Card Specification (AEIPS 4.1), American Express | Please contact your American Express Representative
[ISO-9564] | Banking Personal Identification Number (PIN) Management and Security |

[ISO-11568] | Banking Key Management (Retail) |
[ISO-11770] | Information Technology Security Techniques Key Management |
[ISO-13492] | Banking Key Management Related Data Element (Retail) |
[ISO-15782] | Certificate Management for Financial Services |
[ISO-15408] | Information Technology Security Techniques Evaluation Criteria for IT Security |
[ISO-7813] | Identification Cards Financial Transaction Cards |

1.4. Requirement Notation

Throughout this guide, attention is drawn to requirements within the text by using bold and italics on key words as follows:
- Mandatory requirements are highlighted through the use of the words must, shall, mandatory, or mandate(s).
- Optional recommendations are highlighted through the use of the words should, optional, or recommend(s).

This guide seeks to highlight only requirements above and beyond those that are mandatory in the EMV specifications, as well as options that may be set by the Payment Brands.

SECTION 2: EMV SPECIFICATIONS

2.1. Industry Specifications

For the purposes of this document, EMV is used to describe a set of Chip Card specifications administered by EMVCo. These specifications facilitate an interoperable framework in which Chip Card-based payment transactions can be processed globally. The EMV specifications allow Payment Brands and Issuers the flexibility to customize specific requirements with regard to security, risk management, and Cardholder Verification, in order to best meet their own objectives. The EMV specifications apply to virtually every aspect of the Chip Card, including: physical characteristics; the electronic interface between the Chip Card and Terminal; determination of protocols for data communication between a Chip Card and a Terminal; and payment application features.

EMVCo details and manages Terminal type approval to ensure compliance with the specifications. The Payment Brands set their own requirements for EMV implementation and define the testing processes to certify against these requirements. Banking industry associations in certain countries may also set local requirements. These tend to be related to national rollouts in order to ensure there is a consistent approach in a country (e.g., by specifying common requirements for the usage of PIN).

AEIPS: American Express Integrated Circuit Card Payment Specification

The EMV specifications contain many implementation options that the Payment Brands clarify within their individual specifications. To enable the most effective usage of EMV technology, American Express has produced AEIPS. We have divided AEIPS into two separate specifications:
- AEIPS Chip Card Specification [AEIPS-CARD], which defines the technical data elements and functionality when implementing EMV-compliant Chip Cards.
- AEIPS Terminal Specification [AEIPS-TERM], which outlines the Terminal functionality required to process American Express EMV transactions.
BEST PRACTICE: It is recommended that you read both the AEIPS Chip Card Specification and the AEIPS Terminal Specification to fully understand how to implement American Express EMV.

As AEIPS is built on the EMVCo specifications, there are no technical differences between implementing EMV for American Express and implementing it for the other Payment Brands. The only differences that exist are configuration options that American Express has specified based on the EMVCo specifications. Just as American Express has configuration differences from other Payment Brands, similar configuration differences exist among other Payment Brands as well. Therefore, you can easily implement American Express EMV as you implement other Payment Brands. This affords you several benefits, including meeting the requirements of all the Payment Brands at once, saving the effort of adding AEIPS after EMV migration is already underway, and ensuring the satisfaction of potential customers.

SECTION 3: TERMINAL REQUIREMENTS BY EMV TRANSACTION STEP

3.1. Introduction

This section examines each step of an EMV transaction. As shown in Figure 1, American Express is interoperable with the EMV specifications and also aligns very closely with the other Payment Brands. There are only four steps within the EMV transaction process flow in which American Express has configuration differences from the industry.

Figure 1: Process Flow for an EMV Transaction (flow diagram from card insertion through the 15 transaction steps to card removal, with each step marked as "same as industry" or "configuration differences", and branches for "offline transaction" and "unable to go online")

Application Selection: The EMV specifications allow for both complete and partial Application Identifier selection, and each Payment Brand has chosen which option to leverage. American Express requires the use of partial Application Identifier selection for all American Express Cards, so the Application Selection Indicator within the Terminal must be set appropriately.

Terminal Risk Management: Of the several Terminal risk management checks allowed by the EMV specifications, American Express mandates that the Terminal perform Floor Limit checking and random transaction selection. The other checks can be optionally performed by the Terminal.

1st Terminal Action Analysis: There are no technical differences for handling an American Express Card during this step. Like the other Payment Brands, American Express has specific Terminal Action Code values that must be loaded into the Terminal.

Online Transaction Processing: Like the other Payment Brands, American Express has a unique message format, which may vary by country. Therefore, the Terminal, Third Party Processor, or Acquirer will need to ensure that they are able to place the EMV data elements into the appropriate format for each Payment Brand.

3.2. EMV Transaction Steps

Following is a high-level description of each EMV transaction step. For those steps where American Express has configuration differences, our requirements are noted and described in detail. In some steps, there are also additional requirements which cover operational functionality outside of the EMV specifications, e.g., PIN Bypass. These additional requirements are also described in the appropriate steps.

These symbols will help identify the steps that have changes exclusive to AEIPS:
- Indicates there is a configuration difference specific to AEIPS
- Indicates no customization beyond standard EMV specifications

A general description of the step appears at the beginning of each section, set off in gray borders.

Step 1: Application Selection

American Express has configuration differences.

When a Chip Card is inserted into a Terminal, the Terminal determines (and may have the option to display) a list of applications supported by both the Chip Card and Terminal. This is done by matching an Application Identifier (AID) loaded into the Terminal with a similar value loaded in the card.

Application Selection on AEIPS-compliant cards is performed according to the EMV specifications. American Express mandates that Terminals support and are enabled for partial name selection by setting the Application Selection Indicator. In partial name selection, the select command is issued with the partial American Express AID loaded in the Terminal, which comprises the American Express Registered Application Provider Identifier (RID) and the first byte of the Proprietary Application Identifier Extension (PIX). The American Express RID is: A , and the first byte of the PIX for an AEIPS-compliant payment application is 01.
Therefore, the AID value held within the Terminal for use in partial name selection shall be A

If a Chip Card is inserted into a Terminal and no matching applications can be found (i.e., if the Terminal is EMV-enabled but not yet certified, or if it is EMV-enabled for other Payment Brands but not yet for American Express), the transaction must be processed using the magnetic stripe. You must not process the transaction as Fallback (see section Fallback for definition). To enable the transaction to be processed using the magnetic stripe, the Terminal must not perform extended service code checking, i.e., the Terminal should not prompt for card insertion when a service code that starts with a 2 or a 6 is detected. In this case, the POS data codes or similar indicators must indicate that the Terminal did not have chip capability, e.g., Position 1 (card input capability code) 5 (Integrated Circuit Card [ICC]). To support this, the Terminal must have the ability to set the POS data code based on the Payment Brand.

Step 2: Initiate Application Processing

American Express has the same requirements as the EMV specifications.

When an AEIPS application is selected, the Terminal requests that the Chip Card provide the location of the data to be used for the current transaction and list the functions supported.

Step 3: Read Application Data

American Express has the same requirements as the EMV specifications.

The Terminal reads the necessary data from the locations provided by the Chip Card and uses the list of supported functions to determine which processing to perform. The information required to perform Offline data authentication is found within the data read from the Chip Card during this stage of the transaction.

Step 4: Offline Data Authentication

American Express has the same requirements as the EMV specifications. However, additional requirements that cover operational functionality outside of the EMV specifications are provided.

Offline data authentication validates that the card being used in the transaction is the genuine card that was issued and that the card data has not been altered. There are different types of Offline data authentication. The most common are Static Data Authentication (SDA) and Dynamic Data Authentication (DDA). The Terminal determines whether it authenticates the Chip Card Offline, using either SDA or DDA, based upon the ability of the Chip Card and Terminal to support these methods.

American Express mandates that Terminals support SDA and DDA; however, support of Combined DDA/Application Cryptogram (AC) generation (CDA) is optional.

Certification Authority Public Keys (CAPKs) are required to support Offline data authentication. The lack of the correct CAPKs will lead to Offline data authentication failures and potential transaction declines. Terminals must be capable of storing up to six CAPKs for each Payment Brand.
CAPK expiration dates, required Terminal load dates, earliest Issuer usage dates, and required key removal dates are detailed in Table 2.

Table 2: CAPK Management Lifecycle
CAPK Expiration Date Length Required Date for Acquirers to Load Earliest Date for Issuers to Use Required Removal Date at Terminals December December January June December December March June December 2017 or later December 2017 or later 31 December January 2007 six months after expiration 31 December January 2007 six months after expiration

BEST PRACTICE: American Express, in line with other Payment Brands, reviews the CAPK lifecycle on an annual basis. Therefore, the expiration dates stated in Table 2 may change. American Express recommends that Terminals do not store the expiration date, unless it can be easily updated.

American Express CAPKs are ed to Terminal Vendors when they contact American Express to start AEIPS Terminal certification. American Express CAPKs are distributed in a fixed format. Both the CAPKs and the fixed format are detailed in Appendix A.

Step 5: Processing Restrictions

American Express has the same requirements as the EMV specifications.

The Terminal performs a number of checks to determine whether or not to allow the transaction, or whether any product-specific geographical (e.g., domestic use only) or service-type restrictions (e.g., cannot be used for cash withdrawal) apply.

Step 6: Cardholder Verification

American Express has the same requirements as the EMV specifications. However, additional requirements that cover functionality outside of the EMV specifications are provided.

Cardholder Verification is used to determine whether the Cardmember is legitimate and whether or not the Chip Card has been lost or stolen. In a typical retail environment, the following Cardholder Verification Methods (CVMs) are supported by the Terminal:
- Offline enciphered PIN
- Offline plaintext PIN
- Signature
- No CVM required

The actual CVM supported on an AEIPS-compliant Chip Card or Terminal will depend on the implementation of EMV within the country.

PIN Requirements. The use of PIN (either plaintext or enciphered) with EMV introduces some new technical and operational requirements. The sections below detail the American Express requirements in relation to PIN.

American Express mandates that the Terminal be capable of supporting both plaintext and enciphered PIN.
The Terminal shall display the transaction amount (or an accurate estimate) to the Cardmember before PIN entry.

PIN Pads should be designed to take into account the requirements of all Cardmembers (e.g., a raised dot on the 5-key to assist partially-sighted Cardmembers, etc.).

PIN Pads should be placed in locations that can accommodate the requirements of all Cardmembers (e.g., to enable PIN entry from a seated position for wheelchair-bound customers). Also, the Cardmember should be able to see his or her card at all times.

If a PIN Pad is present, it must comply with EMV, Payment Card Industry Data Security Standard (PCI DSS) PIN Entry Device (PED), and local country requirements. American Express has no minimum requirements for PIN Pads beyond those of EMV, PCI PED, and the local country payment authorities or regulatory bodies.

PIN Input Errors. When the Cardmember encounters problems entering his or her PIN, prompts are necessary to guide the Merchant and Cardmember.

AEIPS-Specific Requirements for PIN Input Errors
- When a card is presented to a Terminal and the PIN try counter = 1 (i.e., there is one PIN attempt remaining), then the Terminal should produce a suitable prompt to inform both the Merchant and the Cardmember of this situation. (For Terminal display messages, see Appendix B.)
- If the PIN try counter = 0, the Terminal shall continue the transaction, having set the applicable bits in the Terminal Verification Results (TVR), indicating that the PIN try counter has been exceeded.

PIN Bypass. PIN Bypass is an option to aid the customer experience during the implementation of PIN. It can be leveraged when the Cardmember cannot remember his or her PIN or may temporarily be unable to enter the PIN. In this case, the Merchant may have the option to bypass PIN entry and enable the chip and Terminal to process the next CVM, which is likely to be signature.

PIN Bypass shall be able to be performed only if all of the following requirements are met:
- the Terminal is attended;
- the Terminal is configured to provide PIN Bypass;
- the Merchant and Acquirer agree to support it; and
- the Chip Card's CVM list allows another CVM to be performed, and the Terminal can support this CVM.
When PIN Bypass is used, the TVR shall record that PIN was required, PIN Pad present and working, but PIN not entered (Byte 3 Bit 4).

BEST PRACTICE: American Express recommends making PIN Bypass functionality a configurable option within the Terminal so that the functionality can be disabled when appropriate, e.g., when a country has reached PIN maturity.

Important Note: PIN Bypass reduces both the fraud mitigation and operational benefits of using PIN, and therefore is functionality that should only be used during the transition to PIN as the standard CVM. It is also important to note that Issuers will be likely to decline PIN Bypass transactions as they appear more risky than PIN-based transactions.

Step 7: Terminal Risk Management

American Express has configuration differences.

During Terminal risk management, a series of checks based on information provided by the card and the Acquirer are performed. The EMV specifications detail several checks that can be performed as part of Terminal risk management.

American Express mandates that Floor Limit checking and random transaction selection be performed; all other checks are optional based on the Terminal's configuration. The results of these checks are stored by the Terminal for later use in the TVR.

Step 8: 1st Terminal Action Analysis

American Express has configuration differences.

1st Terminal action analysis compares the results of Offline data authentication, processing restrictions, Cardholder Verification, and Terminal risk management to rules set by the Issuer and American Express. This process determines whether the Terminal requests that the transaction is approved Offline, sent Online for authorization, or declined Offline.

The Issuer rules are stored in the Chip Card in fields called Issuer Action Codes (IACs); the American Express rules reside in the Terminal as the Terminal Action Codes (TACs). The Terminal compares the TVR values stored during Offline processing with the IACs and TACs to determine whether any of the transaction conditions in the TVR indicate the Terminal will request that the transaction be declined or sent Online. If this is not the case, then the Terminal will request that the transaction be approved Offline by the Chip Card.

After determining whether to request the transaction be approved, declined, or sent Online to the Acquirer, the Terminal requests a Cryptogram from the Chip Card. The type of Cryptogram requested depends on whether the Terminal requires a Transaction Certificate (TC) for an approval, an Authorization Request Cryptogram (ARQC) for a request to go Online, or an Application Authentication Cryptogram (AAC) for a decline.
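The comparison of the TVR against the IACs and TACs described in Step 8 can be sketched as follows. This is an added example, not code from the AEIPS documents: the function names are hypothetical, the action-code values are constructed for illustration (they are not the American Express TAC values), and the sketch also covers the default action codes used when a Terminal cannot go Online.

```python
from dataclasses import dataclass

TVR_LEN = 5  # the TVR and every action code are 5-byte bit strings

# TVR flags as (byte number, bit number), both 1-based as in the EMV tables.
SERVICE_NOT_ALLOWED = (2, 5)
PIN_TRY_LIMIT_EXCEEDED = (3, 6)
PIN_NOT_ENTERED = (3, 4)        # recorded when PIN Bypass is used
FLOOR_LIMIT_EXCEEDED = (4, 8)
RANDOMLY_SELECTED = (4, 5)


def set_tvr_bit(tvr: bytearray, flag) -> None:
    """Set one TVR flag; bit 8 is the most significant bit of the byte."""
    byte_no, bit_no = flag
    tvr[byte_no - 1] |= 1 << (bit_no - 1)


@dataclass(frozen=True)
class ActionCodes:
    """One party's denial / online / default codes (IAC or TAC)."""
    denial: bytes
    online: bytes
    default: bytes

    def __post_init__(self):
        for code in (self.denial, self.online, self.default):
            if len(code) != TVR_LEN:
                raise ValueError("action codes must be 5 bytes")


def matches(tvr, issuer_code, terminal_code) -> bool:
    """True if any TVR bit is also set in the IAC or in the TAC."""
    if len(tvr) != TVR_LEN:
        raise ValueError("TVR must be 5 bytes")
    return any(t & (i | c) for t, i, c in zip(tvr, issuer_code, terminal_code))


def first_terminal_action_analysis(tvr, iac, tac, online_capable=True) -> str:
    """Return the cryptogram type the Terminal requests: AAC, ARQC or TC."""
    if matches(tvr, iac.denial, tac.denial):
        return "AAC"                      # decline Offline
    if online_capable:
        if matches(tvr, iac.online, tac.online):
            return "ARQC"                 # send Online
        return "TC"                       # approve Offline
    # Offline-only Terminal: the default codes decide.
    return "AAC" if matches(tvr, iac.default, tac.default) else "TC"


def unable_to_go_online(tvr, iac, tac) -> str:
    """Decision after an ARQC when the Online attempt could not be made."""
    return "AAC" if matches(tvr, iac.default, tac.default) else "TC"


# Constructed values for illustration only.
EXAMPLE_TAC = ActionCodes(
    denial=bytes.fromhex("0010000000"),
    online=bytes.fromhex("0000209000"),
    default=bytes.fromhex("0000208000"),
)
EXAMPLE_IAC = ActionCodes(
    denial=bytes.fromhex("0000000000"),
    online=bytes.fromhex("0000080000"),
    default=bytes.fromhex("0000000000"),
)


def decide(*flags, online_capable=True) -> str:
    """Build a TVR from the given flags and run the first analysis."""
    tvr = bytearray(TVR_LEN)
    for flag in flags:
        set_tvr_bit(tvr, flag)
    return first_terminal_action_analysis(
        bytes(tvr), EXAMPLE_IAC, EXAMPLE_TAC, online_capable)


if __name__ == "__main__":
    print("clean TVR        ->", decide())
    print("floor limit      ->", decide(FLOOR_LIMIT_EXCEEDED))
    print("PIN Bypass       ->", decide(PIN_NOT_ENTERED))
    print("service denied   ->", decide(SERVICE_NOT_ALLOWED))
```

With these constructed codes, a PIN Bypass transaction goes Online only because the IAC sets that bit, which shows why the IAC and TAC are combined bit by bit rather than checked separately.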
Like the other Payment Brands, American Express has specific TAC values that must be loaded into Terminals. The TAC values for American Express are detailed in the table below:

Table 3: American Express TAC values
Default C Online C Denial

Step 9: 1st Card Action Analysis

American Express has the same requirements as the EMV specifications.

Upon receiving the request from the Terminal, the Chip Card performs the 1st card action analysis. Here, risk management checks are performed by the Chip Card to determine the appropriate response to the Terminal's request. The Chip Card may overrule the Terminal's request. For example, the Chip Card could receive a request from the Terminal for an Offline approval, but the Chip Card may return a Cryptogram indicating that either an Online transaction or an Offline decline is required. This is dictated by the Chip Card's risk management parameters (as set by the Issuer). The results of this analysis are stored for later use by the Chip Card in the Card Verification Results (CVR).

Step 10: Online Transaction Processing

American Express has configuration differences.

If the Chip Card or Terminal determines that the transaction requires an Online authorization (and if the Terminal has Online capability), the Terminal transmits an Online authorization message to the Acquirer. If the Chip Card or Terminal determines that the transaction requires Offline authorization, the Terminal will proceed with transaction completion (see Step 15). If the transaction is required to be sent Online, but the Terminal is unable to send it Online due to technical reasons, the Terminal will proceed to 2nd Terminal action analysis (see Step 12).

The message sent to the Acquirer includes the Cryptogram (e.g., ARQC) generated by the Chip Card, the data used to generate the Cryptogram, and indicators showing Offline processing results, including the TVR and CVR.

If the Issuer has successfully validated the Cryptogram provided by the Chip Card, Issuer Authentication Data (IAD) will be included in the authorization response message. This data includes an Issuer-generated Cryptogram called an Authorization Response Cryptogram (ARPC) and an Authorization Response Code (ARC) that details the Issuer's decision regarding the transaction. The response may also include updates for the Chip Card, called Issuer Scripts (see Step 14: Issuer Script Processing).

If a Terminal receives an authorization response that contains valid information regarding the transaction result, but does not contain the required chip data to perform Issuer Authentication, this is known as a downgraded transaction (see Step 12: 2nd Terminal Action Analysis).

Like the other Payment Brands, American Express has a unique message format, which may vary by country. The following table illustrates the mandatory and optional data elements for American Express.

Table 4: Mandatory and Optional Data Elements

Mandatory Data Elements:

AUTHORIZATION REQUEST MESSAGE
- Terminal Capabilities Indicator
- Card Input Method Indicator
- Amount, Authorized (Authorization) / Final Transaction Amount (Settlement)
- Amount, Other
- Application Interchange Profile
- Primary Account Number (PAN)
- PAN Sequence Number
- Application Transaction Counter
- ARQC
- Issuer Application Data
- Terminal Country Code
- TVR
- Transaction Currency Code
- Transaction Date
- Transaction Type
- Unpredictable Number

AUTHORIZATION RESPONSE MESSAGE
- IAD (this includes the ARPC and the ARC)
- Issuer Script Data

Optional Additional Data Elements:

AUTHORIZATION REQUEST MESSAGE
- Fallback Indicator
- Application Identifier (Terminal)
- Application Version Number (Terminal)
- Cryptogram Information Data
- CVM Results
- IACs: Denial, Online, & Default

Step 11: Issuer Authentication

American Express has the same requirements as the EMV specifications.

If the authorization response contains an ARPC, it is mandatory for the Chip Card to perform Issuer authentication by validating the response Cryptogram. Upon receiving an authorization response containing an ARPC, the Terminal submits the ARPC to the Chip Card, using the external authenticate command. This verifies that the response came from the genuine Issuer. It also prevents criminals from circumventing the Chip Card's security features by simulating Online processing and fraudulently approving a transaction.

Step 12: 2nd Terminal Action Analysis

American Express has the same requirements as the EMV specifications.

There are three distinct scenarios that a Terminal could face at this point in a transaction:

- EMV data received in the authorization response: When the Issuer has successfully authenticated the card and returned the IAD, then the Terminal can use either the ARC in the IAD or the authorization response message to determine whether to request that the Chip Card approve or decline the transaction.

- No EMV data received in the authorization response: When the Terminal does not receive any IAD in the response message, then it determines whether to request that the Chip Card approve or decline the transaction. This is determined by using the result of the transaction as indicated in the response message from the Acquirer. The Terminal must then populate the ARC (EMV tag 8A) to be returned to the Chip Card from the Terminal in the 2nd generate AC command, as follows:
  - 00 for an approval result (i.e., in ASCII 3030)
  - 02 for a referral result (i.e., in ASCII 3032)
  - 05 for a decline (i.e., in ASCII 3035)

- Terminal was unable to go Online: When the Terminal is unable to go Online, the Terminal determines whether or not to request Offline approval or an Offline decline from the Chip Card, depending on the TAC (default) residing in the Terminal and the IAC (default) read from the Chip Card.

Step 13: 2nd Card Action Analysis

American Express has the same requirements as the EMV specifications.

Following the completion of 2nd Terminal action analysis, the Terminal will ask the Chip Card to either approve or decline the transaction. The Chip Card then performs its own action analysis and makes the final decision as to whether or not the transaction is approved or declined. The Chip Card may decline an Issuer-approved transaction based upon the Issuer authentication results and Issuer encoded parameters in the Chip Card.
The Chip Card generates a Cryptogram of type TC for approved transactions and of type AAC for declined transactions.

Step 14: Issuer Script Processing

American Express has the same requirements as the EMV specifications. However, additional requirements that cover operational functionality outside of the EMV specifications are provided.

Within EMV, the Issuer has the ability to send updates to the Chip Card via scripts sent in the authorization response message. An Issuer Script is a collection of card commands constructed and sent by the Issuer for the purpose of updating and managing Chip Cards.

Detailed below are American Express requirements for Issuer Script processing:

The Terminal shall process the script, whether the transaction was approved or declined. The Terminal passes commands defined in the script to the Chip Card, either before or after it has returned the final AC, depending on the type of script sent.

The Terminal shall process Issuer Scripts with the Chip Card, irrespective of whether Issuer authentication is successful or the transaction is approved or declined.

The Terminal shall not display any message to the Merchant indicating either the end of the transaction or card removal until the Chip Card has processed the script.

In any authorization response, the Issuer can send multiple scripts. These scripts may contain multiple commands, which shall be processed in the order that they appear within the script.

If the card responds to a command with an Issuer Script indicating success or a warning, then the Terminal must continue to process the remaining commands. If the card responds with an error, then the Terminal must terminate processing of any remaining commands.

Terminals shall support the processing of Issuer Scripts during this step of the transaction, as well as in Step 13 before the 2nd generate AC command (i.e., support tags 72 and 71).

The following is an example of a trace of an Issuer Script with multiple commands.

Trace Data
72459F FEF34F007CE770DC 61DA847F1E DA8E E031F AC7F4DF1D624A0E

Table 5: Data Elements in the Issuer Script
Data Element | Description
72 | Script tag
45H (69D) | Length
9F18 | Tag
04H (4D) | Tag length
 | Script ID
86 | Command tag
15H (21D) | Length
8424 | PIN change command
0002 | P1 P2
10H (16D) | Length
FEF34F007CE770 | Data
DC61DA847F1E59 | MAC
86 | Command tag
25H (37D) | Length
04DA | Put data command
8E00 | CVM list update
20H (32D) | Length
E031F | Data
AC7F4DF1D624A0ED | MAC
H = Hexadecimal; D = Decimal representation of the hexadecimal value
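The script layout in Table 5 and the processing rules above (commands sent in order, continue on success or warning, stop on error) can be exercised with the following added example, which is not code from the AEIPS documents. The function names are hypothetical, the script bytes and status words are constructed, and treating SW1 values 90, 62 and 63 as "continue" follows the EMV convention for success and warnings.

```python
def read_tlv(buf: bytes, pos: int):
    """Decode one BER-TLV object at pos; return (tag, value, next_pos)."""
    start = pos
    if pos >= len(buf):
        raise ValueError("truncated tag")
    first = buf[pos]
    pos += 1
    if first & 0x1F == 0x1F:              # multi-byte tag such as 9F18
        while True:
            if pos >= len(buf):
                raise ValueError("truncated tag")
            more = buf[pos] & 0x80
            pos += 1
            if not more:
                break
    tag = int.from_bytes(buf[start:pos], "big")
    if pos >= len(buf):
        raise ValueError("truncated length")
    length = buf[pos]
    pos += 1
    if length == 0x80:
        raise ValueError("indefinite length not allowed")
    if length & 0x80:                     # long form: next n bytes hold length
        n = length & 0x7F
        if pos + n > len(buf):
            raise ValueError("truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated value")
    return tag, bytes(buf[pos:pos + length]), pos + length


def parse_issuer_script(data: bytes):
    """Return (template_tag, script_id, [command APDUs]) for a 71/72 template."""
    tag, body, end = read_tlv(data, 0)
    if tag not in (0x71, 0x72):
        raise ValueError("not an Issuer Script template")
    if end != len(data):
        raise ValueError("trailing bytes after script template")
    script_id, commands, pos = None, [], 0
    while pos < len(body):
        inner, value, pos = read_tlv(body, pos)
        if inner == 0x9F18:
            script_id = value
        elif inner == 0x86:
            commands.append(value)        # order of appearance is preserved
        else:
            raise ValueError(f"unexpected tag {inner:X} in script")
    return tag, script_id, commands


CONTINUE_SW1 = {0x90, 0x62, 0x63}         # success and warnings


def run_script(commands, send_apdu):
    """Send commands in order; stop after the first error status word."""
    results = []
    for apdu in commands:
        sw = send_apdu(apdu)
        results.append((apdu, sw))
        if (sw >> 8) not in CONTINUE_SW1:
            break
    return results


def tlv(tag: bytes, value: bytes) -> bytes:
    """Encode a TLV object (used only to build the constructed sample)."""
    n = len(value)
    length = bytes([n]) if n < 0x80 else bytes([0x81, n])
    return tag + length + value


# Constructed sample: script ID plus three commands with dummy data and MACs.
SAMPLE_COMMANDS = [
    bytes.fromhex("04DA8E0008" "0102030405060708"),
    bytes.fromhex("8424000208" "1112131415161718"),
    bytes.fromhex("04DA9F5805" "00A1A2A3A4"),
]
SAMPLE_SCRIPT = tlv(
    b"\x72",
    tlv(b"\x9F\x18", bytes.fromhex("00000001"))
    + b"".join(tlv(b"\x86", c) for c in SAMPLE_COMMANDS),
)


def fake_card(status_words):
    """Stand-in for the Chip Card: replies with the given status words."""
    replies = iter(status_words)
    return lambda apdu: next(replies)


if __name__ == "__main__":
    _, sid, cmds = parse_issuer_script(SAMPLE_SCRIPT)
    for apdu, sw in run_script(cmds, fake_card([0x9000, 0x6985, 0x9000])):
        print(sid.hex(), apdu.hex().upper(), f"SW={sw:04X}")
```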

The following is an example of a trace of an Issuer Script with a single command.

Trace Data

72179F E04DA9F580900C E

Table 6: Data Elements in the Issuer Script

Data Element | Description
72 | Script tag
17H (23D) | Length
9F18 | Tag
04H (4D) | Tag length
 | Script ID
86 | Command tag
0EH (14D) | Length
04DA | Put data command
9F58 | CVM list update
09H (9D) | Length
00 | Data
C E | MAC

H = Hexadecimal
D = Decimal representation of the hexadecimal value

Step 15: Transaction Completion

American Express has the same requirements as the EMV specifications. However, additional requirements that cover operational functionality outside of the EMV specifications are provided.

The Terminal performs final processing to complete the transaction. It is also at this point in the transaction that, if the signature has been determined as the CVM, the receipt is printed and the Cardmember is asked to sign it.

AEIPS Receipt Requirements. Certain format and data requirements must be met with regard to transaction receipts. These are outlined in the following tables and accompanying text.

Key to contents in Table 7, column titled M/P/O/C:
M: Mandatory (always needed)
P: Preferred (best practice)
O: Optional (can be present)
C: Conditional (dependent on the situation)

Table 7: Receipt Data Table

Field Description | M/P/O/C
Merchant Number | M*
Merchant Name | M*
Merchant Address | M*
Transaction Type (e.g., Sale, Refund) | M*
PAN | M* (Note 1)
Expiration Date of Card (MMYY) | M*
Transaction Data Source (e.g., Swiped, Manual Entry, Chip) | M*
Date of Transaction | M*
Terminal Number (Terminal ID) | M*
Transaction Number | M*
Transaction Response (e.g., Authorization Code) | M*
Amount of Transaction (Including Currency Symbol) | M*
Request for Signature (Not Required for PIN Transaction) | C
Space for Signature (Not Required for PIN Transaction) | C
Declaration (e.g., Please Debit My Account) | M
Retention Reminder | M
PIN Statement (Only required for PIN) (e.g., PIN Verified, PIN Locked) | C
AID | M
Gratuity Amount | O
Diagnostic Message | P
Start Date of Card (MMYY) | P
Time of Transaction | P
Application Preferred Name | C (Note 2)
Payment Brand Name/Application Label | M
Card Type | O
Cardmember Name | O (Note 3)
Courtesy Message | O
Tax Registration Number | O
Receipt Number (Not Transaction Number) | O
Goods Amount | O
Goods Description | O

Field Description | M/P/O/C
Tax Rate | O
Exception File Version Number | O
Terminal Software Version Number | O
Cryptogram Type/Value | P

*Indicates data elements that must be stored electronically during a PIN transaction

Notes on Table 7

1. The PAN on the Cardmember's receipt must be masked per PCI DSS and local legal requirements.
2. Where the application preferred name is present and the Terminal supports the relevant Issuer code table index, then this data element is mandatory.
3. The Cardmember name, if printed, should be printed according to [ISO-7813]. The Cardmember name is received from the chip for an EMV transaction, or from track 1 for a magnetic stripe transaction.

BEST PRACTICE: Printing of a receipt should begin as soon as possible, so as to overlap with the transaction process. Doing so will minimize the time that the Merchant and Cardmember spend waiting.

AEIPS Receipt Layout Requirements. The only mandatory requirement pertaining to the layout of text on a receipt is that the signature and amount are adjacent to one another. Every effort should also be made to ensure that other information is presented logically and clearly (e.g., place date and time adjacent to each other as well as the masked card number and expiration date, etc.).

The receipt layout shown in Figure 2 highlights the additional requirements for a Terminal processing American Express Chip Cards. The red text indicates layout requirements specific to EMV.

Figure 2: Receipt Layout Requirements

Receipt Layout:

LOGO(S) WHERE APPLICABLE
RETAIL STORE
154 EDWARD STREET
BRIGHTON BN2 2LP
MERCHANT ID:
TERMINAL ID:
BATCH# 0001 ROC# 125
XXXXXXXXXXX1003 (C)
AMERICAN EXPRESS EXPIRES 05/12
AMEX GOLD
A
OCT 19, 07 15:33
SALE
RRN:
ITEM NAME / DESCRIPTION (OPTIONAL)
ITEM NAME / DESCRIPTION (OPTIONAL)
USER ID: 9999 (OPTIONAL)
BASE
TIP
TOTAL
PIN VERIFIED
X
E SMITH
TC A2E51245C4D7E551
AUTHORIZATION CODE:
I AGREE TO PAY THE ABOVE TOTAL AMOUNT ACCORDING TO THE CARD ISSUER AGREEMENT.
MERCHANT COPY

Receipt Data:

Merchant Name
Merchant Address
Merchant Number
Terminal Number (Terminal ID)
Transaction Number
Masked PAN and Transaction Data Source: (S) Swiped, (M) Manual Entry or (C) Chip
Card Type and Expiration Date
Application Label, or Application Preferred Name
Card Application Identifier (AID)
Time and Date of Transaction
Transaction Type
Receipt Number
Amount of Transaction (Including Currency Symbol)
Gratuity Amount
PIN Statement or Space for Signature and Request for Signature
Cardmember Name
Cryptogram Type and Value
Transaction Response (e.g., Authorization Code)
Declaration

SECTION 4: SPECIAL TRANSACTION PROCESSING

Despite EMV's significant impact on Terminal hardware and software, the processes involved in handling a standard Cardmember transaction are very similar for magnetic stripe and EMV. However, there are some transactions that occur during unique scenarios that, with the introduction of EMV, and especially PIN, require special consideration. This section details American Express requirements in such circumstances.

4.1. Technical Scenarios: Fallback; Premature Card Removal; Referral Transactions; Declined Transactions; Stand-In Authorization; Reversals
4.2. Situational Scenarios: Refunds; Card Not Present; Card Not Yet Present; Transaction Amount Not Yet Known; Card No Longer Present; Card Re-Presented For Final Charge; Adding a Gratuity
4.3. Unattended Payment Terminal Scenarios: Cardholder Verification on UPTs; Fallback on UPTs; Online Capability with UPTs

4.1. AEIPS Requirements During Technical Scenarios

Fallback

When an American Express certified Terminal successfully performs application selection but cannot complete the EMV transaction due to technical reasons, the Terminal is allowed to process the transaction by using a less secure method (e.g., magnetic stripe); this is known as Fallback.

The Terminal is allowed to use Fallback as long as the technical error occurs before the card responds to the 1st generate AC command. If the error occurs after this step, the transaction must be declined and Fallback is not allowed. Additionally, before Fallback is allowed, multiple attempts to use the chip must be performed (i.e., a first attempt and retries).

American Express recommends that in the event of a chip read failure, a Terminal make two further attempts to read the chip before processing the transaction as Fallback. The Terminal should respond to the first and second unsuccessful attempts by displaying a meaningful message (e.g., "INSERT AGAIN"). After the final unsuccessful attempt, the Terminal shall prompt the Merchant to revert to reading the magnetic stripe as the Fallback option (e.g., "PLEASE SWIPE").

If the transaction falls back from EMV technology, the standard checks performed on any magnetic stripe card must be performed.

Fallback shall not take place if: the card is blocked; all applications present are blocked; the EMV transaction has already been declined; or the transaction occurs at an Unattended Payment Terminal (UPT).

Identifying Fallback. The Terminal to Acquirer interface shall include an indicator to explicitly identify Fallback transactions. There are two ways in which Fallback transactions can be indicated to American Express:

Option 1: Fallback Indicator
E.g., POS data code position 7 (card data input mode code) = 9 (Fallback)

Option 2: Derived Indicator (Leveraging POS Data Codes)
Position 1 (card input capability code) = 5 (ICC)
Position 6 (card present code) = 1 (card present)
Position 7 (card data input mode code) ≠ 5 (ICC). Some examples of possible values include: 2 (magnetic stripe read); 6 (key entered); S (keyed Four-Digit Card Security Code [4CSC] or Four-Digit Batch Code [4DBC])

BEST PRACTICE: American Express recommends that you apply Option 1, as it more accurately identifies Fallback transactions.

Floor Limits. American Express mandates a zero Floor Limit for all Fallback transactions, meaning all Fallback transactions must be sent Online for authorization.

PAN Key Entry. If the transaction cannot be completed by the chip or magnetic stripe, the transaction may be completed with PAN key entry, subject to agreement with the local Acquirer.

Premature Card Removal

In an EMV transaction, the card must remain in the Terminal for the duration of the transaction; if the Cardmember or Merchant removes the card before the Terminal has reached transaction completion, the Terminal shall cancel the transaction.

If an authorization has taken place, the Terminal shall send a reversal message if the Acquirer and Terminal support reversals. If it is not possible to send a reversal message, then the Terminal shall cancel the transaction, and no settlement data will be sent.

Referral Transactions

As in the current magnetic stripe environment, the Issuer may respond to an authorization request with a referral. Not all Terminals support referrals, in which case the Terminal shall treat a referral response as a decline response.

In these circumstances, American Express has the following requirements:

The card shall be removed from the Terminal and retained by the Merchant for use during the referral process, as information may be required during the referral call that is not on the Terminal receipt (for example, 4CSC on the front of the card). However, the Terminal must complete the transaction with the card before displaying any message that indicates the removal of the card.

There are two options for how a Terminal can do this:

Option 1: The transaction is completed by the Terminal and the chip as though it had been declined (i.e., the Terminal requests an AAC). The Terminal must retain the transaction data until the status of the transaction has been determined. If the transaction is subsequently approved, the Terminal must allow the Merchant to enter the approval code during transaction completion. The approval code must then be included in the submission, along with the ARQC that was generated by the card prior to Online authorization. If the transaction is subsequently declined, the transaction must be declined within the Terminal, with no further card processing.

Option 2: The transaction is completed by the Terminal and the chip as though it had been authorized (i.e., the Terminal requests a TC). The Terminal must retain the transaction data until the status of the transaction has been determined. If the transaction is subsequently approved, the Terminal must allow the Merchant to enter the approval code during transaction completion. The approval code must then be included in the submission, along with the TC that was generated by the card. If the transaction is subsequently declined, the transaction must be declined within the Terminal, with no further card processing.

BEST PRACTICE: American Express recommends that you apply Option 1, as it is more technically correct. At the point of referral, the transaction has not actually been approved.

Declined Transactions

In normal circumstances, when an Issuer declines a transaction, the Terminal still performs 2nd Terminal and card action analysis. When the transaction is declined, the Merchant is made aware of this on the Terminal display.

In cases where a transaction is declined by the card, Terminal, or Issuer, it shall not be reprocessed using alternative data entry (i.e., magnetic stripe or PAN key entry).

Decline and Retain. In exceptional circumstances, the Merchant may be requested (through a response code) to retain the card, which is referred to as decline and retain (also known as "decline and pickup"). This code will normally be sent in conjunction with an Issuer Script, which prevents the Chip Card from carrying out further EMV transactions. The retained card message shall not be displayed to the Merchant until the chip has processed the script.

Stand-In Authorization

When the Chip Card and Terminal have determined that a transaction needs to be sent Online, and the American Express Acquirer cannot be contacted due to technical reasons, the IAC and TAC default values are checked to determine whether or not the transaction is to be approved or declined. The Merchant has no control over this process; however, in the magnetic stripe environment, a Merchant could decide to accept a similar transaction at his or her own risk (subject to Merchant contract). This is called Stand-In authorization.

American Express has developed a process that would allow those Merchants who currently perform Stand-In authorization to continue to perform it in the EMV environment. In the event that the American Express Acquirer cannot be contacted, and the Merchant wishes to allow Stand-In authorization, there are three steps that a Terminal must perform:

Step 1: Stand-In Eligibility Check. The Terminal shall contain a list of all partial or full AIDs for which it supports Stand-In. The Terminal will compare the AID on the card to the AIDs stored within this list. If a match is found, then the card is eligible for Stand-In.

If the Terminal belongs to a Merchant or Acquirer who wishes to support Stand-In authorization for American Express, then the Terminal must hold an indicator to show that Stand-In authorization is allowed for all valid American Express payment applications. If the Terminal identifies an application that is eligible for Stand-In authorization, it must perform Stand-In authorization as described in steps 2 and 3.

In the event that the result of the eligibility check indicates that Stand-In processing is not to be performed, then transaction processing continues using the TAC and IAC default values.

Step 2: Stand-In Action Code (SAC). A Terminal supporting Stand-In authorization shall hold a dedicated SAC specifically for the purpose of processing Stand-In authorization (one SAC per supported AID). In order to process Stand-In authorization, the Terminal shall check the TVR against the SAC for that AID; and if any of the corresponding TVR bits are set, then the Terminal must request that the Transaction be declined.

The following table provides the default settings of American Express SAC.

Table 8: Default Settings for American Express SAC*

Byte | Bit | Value
1 | 8 | Offline Data Authentication not Performed
1 | 7 | Offline SDA Failed
1 | 6 | ICC Data Missing
1 | 5 | Card Appears on Terminal Exception File
1 | 4 | Offline DDA Failed
2 | 7 | Expired Application
2 | 5 | Requested Service not Allowed for Card Product
3 | 8 | Cardholder Verification was not Successful
3 | 6 | Offline PIN Try Limit Exceeded
3 | 4 | Offline PIN Required, PIN Pad Present but PIN not Entered
4 | 6 | Upper Consecutive Offline Limit Exceeded

*This table corresponds to an SAC hexadecimal value of F8 50 A
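Steps 1 and 2 reduce to an AID match followed by a bitwise AND of the TVR with the SAC for that AID. The Python example below is added here and is not from the American Express guide: it builds the SAC from the rows of Table 8 and applies both steps. The function names, the treatment of a partial AID as a prefix, the sample AID list and the TVR values are assumptions made for the illustration.

```python
"""Stand-In eligibility (Step 1) and SAC check (Step 2), built from Table 8."""

TVR_LEN = 5  # the TVR is a five-byte EMV data element

# Rows of Table 8 as (byte, bit, condition). Bytes count from 1 and bit 8 is
# the most significant bit of a byte.
TABLE_8 = [
    (1, 8, "Offline Data Authentication not Performed"),
    (1, 7, "Offline SDA Failed"),
    (1, 6, "ICC Data Missing"),
    (1, 5, "Card Appears on Terminal Exception File"),
    (1, 4, "Offline DDA Failed"),
    (2, 7, "Expired Application"),
    (2, 5, "Requested Service not Allowed for Card Product"),
    (3, 8, "Cardholder Verification was not Successful"),
    (3, 6, "Offline PIN Try Limit Exceeded"),
    (3, 4, "Offline PIN Required, PIN Pad Present but PIN not Entered"),
    (4, 6, "Upper Consecutive Offline Limit Exceeded"),
]


def build_action_code(rows, length=TVR_LEN):
    """Set one bit per table row and return the action code as bytes."""
    code = bytearray(length)
    for byte_no, bit_no, _ in rows:
        code[byte_no - 1] |= 1 << (bit_no - 1)
    return bytes(code)


DEFAULT_SAC = build_action_code(TABLE_8)   # derived from the rows above

# Sample terminal configuration (constructed): partial or full AID -> SAC held
# for that AID ("one SAC per supported AID").
STANDIN_AIDS = {"A000000025": DEFAULT_SAC}


def find_sac(card_aid, standin_aids):
    """Step 1: return the SAC of the longest list entry that prefixes the card AID.

    Treating a partial AID as a prefix of the card AID is an assumption.
    """
    card_aid = card_aid.upper()
    hits = [aid for aid in standin_aids if card_aid.startswith(aid.upper())]
    return standin_aids[max(hits, key=len)] if hits else None


def blocking_conditions(tvr, sac, rows=TABLE_8):
    """Step 2: list every condition whose bit is set in both the TVR and the SAC."""
    names = {(byte_no, bit_no): text for byte_no, bit_no, text in rows}
    found = []
    for byte_no in range(1, TVR_LEN + 1):
        both = tvr[byte_no - 1] & sac[byte_no - 1]
        for bit_no in range(8, 0, -1):
            if both & (1 << (bit_no - 1)):
                found.append(names.get((byte_no, bit_no),
                                       f"byte {byte_no} bit {bit_no}"))
    return found


def standin_check(card_aid, tvr, standin_aids=STANDIN_AIDS):
    """Return (outcome, reasons) for a transaction that could not go Online."""
    if len(tvr) != TVR_LEN:
        raise ValueError("TVR must be 5 bytes")
    sac = find_sac(card_aid, standin_aids)
    if sac is None:
        return "USE_TAC_IAC_DEFAULT", []   # not eligible: normal default processing
    reasons = blocking_conditions(tvr, sac)
    if reasons:
        return "REQUEST_DECLINE", reasons  # a TVR bit named in the SAC is set
    return "SAC_CHECK_PASSED", []          # Stand-In processing may continue


if __name__ == "__main__":
    # Constructed TVR values: expired application, then floor limit exceeded only.
    for tvr_hex in ("0040000000", "0000008000"):
        print(tvr_hex, standin_check("A00000002501", bytes.fromhex(tvr_hex)))
```
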


More information

EMV (Chip and PIN) Project. EMV card

EMV (Chip and PIN) Project. EMV card EMV (Chip and PIN) Project Student: Khuong An Nguyen Supervisor: Professor Chris Mitchell Year: 2009-2010 Full Unit Project EMV card 1 Contents Figures... 6 Tables... 7 1. Introduction... 8 1.1 Electronic

More information

Payments and Withdrawals with Cards in SEPA Applicable Standards and Certification Process

Payments and Withdrawals with Cards in SEPA Applicable Standards and Certification Process Doc: EPC020-08 14 December 2011 (Version 6.0) SEPA CARDS STANDARDISATION (SCS) VOLUME BOOK OF REQUIREMENTS Payments and Withdrawals with Cards in SEPA Applicable Standards and Certification Process Abstract

More information

THE ROAD TO U.S. EMV MIGRATION Information and Strategies to Help Your Institution Make the Change

THE ROAD TO U.S. EMV MIGRATION Information and Strategies to Help Your Institution Make the Change THE ROAD TO U.S. EMV MIGRATION Information and Strategies to Help Your Institution Make the Change Advancements in technological capabilities, along with increasing levels of counterfeit fraud, led the

More information

EMV: Integrated Circuit Card Specifications for Payment Systems

EMV: Integrated Circuit Card Specifications for Payment Systems : Integrated Circuit Card Specifications for Payment Systems Jan Krhovják Faculty of Informatics, Masaryk University Jan Krhovják (FI MU) EMV (Europay, MasterCard, Visa) 20. 3. 2006 1 / 13 Outline EMV

More information

Acceptance to Minimize Fraud

Acceptance to Minimize Fraud Best Practices for Credit Card Acceptance to Minimize Fraud By implementing best practices in credit card processing, you decrease the likelihood of fraudulent transactions and chargebacks. In general,

More information

EMV's Role in reducing Payment Risks: a Multi-Layered Approach

EMV's Role in reducing Payment Risks: a Multi-Layered Approach EMV's Role in reducing Payment Risks: a Multi-Layered Approach April 24, 2013 Agenda EMV Rationale Why is this worth the effort? Guides how we implement it EMV Vulnerability at the POS EMV Impact on CNP

More information

Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard Payment Card Industry (PCI) Data Security Standard Attestation of Compliance for Self-Assessment Questionnaire D Service Providers For use with PCI DSS Version 3.1 Revision 1.1 July 2015 Section 1: Assessment

More information

Steps for staying PCI DSS compliant Visa Account Information Security Guide October 2009

Steps for staying PCI DSS compliant Visa Account Information Security Guide October 2009 Steps for staying PCI DSS compliant Visa Account Information Security Guide October 2009 The guide describes how you can make sure your business does not store sensitive cardholder data Contents 1 Contents

More information

MasterCard Contactless Reader v3.0. INTRODUCTION TO MASTERCARD CONTACTLESS READER v3.0

MasterCard Contactless Reader v3.0. INTRODUCTION TO MASTERCARD CONTACTLESS READER v3.0 MasterCard Contactless Reader v3.0 INTRODUCTION TO MASTERCARD CONTACTLESS READER v3.0 Introduction to MasterCard Contactless Reader v3.0 Contents 1. Introduction...2 2. Background...3 2.1 Reader Applications...3

More information

Information about this New Guide

Information about this New Guide Information about this New Guide New Guide This PayPass POS Host/Payment Software Implementation Guide, dated September 2007, is an entirely new guide. Contents This guide helps point-of-sale (POS) host/payment

More information

EMV and Chip Cards Key Information On What This Is, How It Works and What It Means

EMV and Chip Cards Key Information On What This Is, How It Works and What It Means EMV and Chip Cards Key Information On What This Is, How It Works and What It Means Document Purpose This document is intended to provide information about the concepts behind and the processes involved

More information

Security Rules and Procedures Merchant Edition. 5 February 2015

Security Rules and Procedures Merchant Edition. 5 February 2015 Security Rules and Procedures Merchant Edition 5 February 2015 Notices Notices Proprietary Rights The information contained in this document is proprietary and confidential to MasterCard International

More information

Payment Card Industry (PCI) Data Security Standard Self-Assessment Questionnaire B and Attestation of Compliance

Payment Card Industry (PCI) Data Security Standard Self-Assessment Questionnaire B and Attestation of Compliance Payment Card Industry (PCI) Data Security Standard Self-Assessment Questionnaire B and Attestation of Compliance Merchants with Only Imprint Machines or Only Standalone, Dial-out Terminals Electronic Cardholder

More information

EMV (Chip-and-PIN) Protocol

EMV (Chip-and-PIN) Protocol EMV (Chip-and-PIN) Protocol Märt Bakhoff December 15, 2014 Abstract The objective of this report is to observe and describe a real world online transaction made between a debit card issued by an Estonian

More information

Euronet s EMV Chip Solutions Superior Protection with Enhanced Security against Fraud

Euronet s EMV Chip Solutions Superior Protection with Enhanced Security against Fraud Serving millions of people worldwide with electronic payment convenience. Euronet s EMV Chip Solutions Superior Protection with Enhanced Security against Fraud Copyright 2011 Euronet Worldwide, Inc. All

More information

Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard Payment Card Industry (PCI) Data Standard Attestation of Compliance for Self-Assessment Questionnaire D Service Providers Version 3.1 April 2015 Section 1: Assessment Information Instructions for Submission

More information

Merchant Integration Guide

Merchant Integration Guide Merchant Integration Guide Card Not Present Transactions Authorize.Net Customer Support support@authorize.net Authorize.Net LLC 071708 Authorize.Net LLC ( Authorize.Net ) has made efforts to ensure the

More information

Visa U.S. Merchant EMV Chip Acceptance Readiness Guide. 10 Steps to Planning Chip Implementation for Contact and Contactless Transactions

Visa U.S. Merchant EMV Chip Acceptance Readiness Guide. 10 Steps to Planning Chip Implementation for Contact and Contactless Transactions Visa U.S. Merchant EMV Chip Acceptance Readiness Guide 10 Steps to Planning Chip Implementation for Contact and Contactless Transactions Visa U.S. Merchant EMV Chip Acceptance Readiness Guide 10 Steps

More information

AIB Merchant Services AIB Merchant Services Quick Reference Guide Ingenico

AIB Merchant Services AIB Merchant Services Quick Reference Guide Ingenico AIB Merchant Services AIB Merchant Services Quick Reference Guide Ingenico AIB Merchant Services AIBMS Quick Reference Guide This quick reference guide has been designed to answer the most common queries

More information

PROTECT YOUR BUSINESS FROM LOSSES WHILE ACCEPTING CREDIT CARDS

PROTECT YOUR BUSINESS FROM LOSSES WHILE ACCEPTING CREDIT CARDS PROTECT YOUR BUSINESS FROM LOSSES WHILE ACCEPTING CREDIT CARDS TABLE OF CONTENTS Introduction...1 Preventing Fraud in a Card-Present Environment...2 How to Reduce Chargebacks in a Card-Present Environment...4

More information

Chip & PIN notes on a dysfunctional security system

Chip & PIN notes on a dysfunctional security system Chip & PIN notes on a dysfunctional security system Saar Drimer http://www.cl.cam.ac.uk/~sd410/ Computer Laboratory in collaboration with Steven J. Murdoch, Ross Anderson, Mike Bond The Institution of

More information

PREVENTING PAYMENT CARD DATA BREACHES

PREVENTING PAYMENT CARD DATA BREACHES NEW SCIENCE TRANSACTION SECURITY ARTICLE PREVENTING PAYMENT CARD DATA BREACHES DECEMBER 2014 UL.COM/NEWSCIENCE NEW SCIENCE TRANSACTION SECURITY OVERVIEW From research on the latest electronic transaction

More information

Security Rules and Procedures Merchant Edition

Security Rules and Procedures Merchant Edition Security Rules and Procedures Merchant Edition 31 March 2016 SPME Contents Contents Chapter 1: Customer Obligations... 7 1.1 Compliance with the Standards...8 1.2 Conflict with Law...8 1.3 The Security

More information

International Travel Tips. Get the most from your Visa card

International Travel Tips. Get the most from your Visa card International Travel Tips Get the most from your Visa card Using Your Visa Card to Make Purchases Abroad Your Visa card is accepted at millions of places worldwide, making it a safe and convenient way

More information

Smart Cards for Payment Systems

Smart Cards for Payment Systems White Paper Smart Cards for Payment Systems An Introductory Paper describing how Thales e-security can help banks migrate to Smart Card Technology Background In this paper: Background 1 The Solution 2

More information

Card Payments Roadmap in the United States: How Will EMV Impact the Future Payments Infrastructure?

Card Payments Roadmap in the United States: How Will EMV Impact the Future Payments Infrastructure? Card Payments Roadmap in the United States: How Will EMV Impact the Future Payments Infrastructure? A Smart Card Alliance Payments Council White Paper Publication Date: September 2012 Publication Number:

More information

How To Understand The Law Of Credit Card Usage

How To Understand The Law Of Credit Card Usage Glossary Note: All definitions listed in this section are also available in the Course Glossary. You can access the course Glossary online by clicking the Glossary link in the Materials section of the

More information

Tokenization: FAQs & General Information. www.tsys.com BACKGROUND. GENERAL INFORMATION What is Tokenization?

Tokenization: FAQs & General Information. www.tsys.com BACKGROUND. GENERAL INFORMATION What is Tokenization? FAQ Tokenization: FAQs & General Information BACKGROUND As technology evolves, consumers are increasingly making their purchases online or through mobile devices and digital wallet applications and their

More information

Visa U.S. Merchant EMV Chip Acceptance Readiness Guide. 10 Steps to Planning Chip Implementation for Contact and Contactless Transactions

Visa U.S. Merchant EMV Chip Acceptance Readiness Guide. 10 Steps to Planning Chip Implementation for Contact and Contactless Transactions Visa U.S. Merchant EMV Chip Acceptance Readiness Guide 10 Steps to Planning Chip Implementation for Contact and Contactless Transactions Visa U.S. Merchant EMV Chip Acceptance Readiness Guide 10 Steps

More information

Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard Payment Card Industry (PCI) Data Security Standard Attestation of Compliance for Onsite Assessments Service Providers Version 3.0 February 2014 Section 1: Assessment Information Instructions for Submission

More information

Merchant e-solutions Payment Gateway Back Office User Guide. Merchant e-solutions January 2011 Version 2.5

Merchant e-solutions Payment Gateway Back Office User Guide. Merchant e-solutions January 2011 Version 2.5 Merchant e-solutions Payment Gateway Back Office User Guide Merchant e-solutions January 2011 Version 2.5 This publication is for information purposes only and its content does not represent a contract

More information

UPCOMING SCHEME CHANGES

UPCOMING SCHEME CHANGES UPCOMING SCHEME CHANGES MERCHANTS/PARTNERS/ISO COPY Payvision Ref: Payvision-Upcoming Scheme Changes (v1.0)-march 2016 1 Rights of use: COMPLYING WITH ALL APPLICABLE COPYRIGHT LAWS IS THE RESPONSABILITY

More information

Volume PLANETAUTHORIZE PAYMENT GATEWAY. vtiger CRM Payment Module. User Guide

Volume PLANETAUTHORIZE PAYMENT GATEWAY. vtiger CRM Payment Module. User Guide Volume 2 PLANETAUTHORIZE PAYMENT GATEWAY vtiger CRM Payment Module User Guide S A L E M A N A G E R M E R C H A N T S E R V I C E S User Guide and Installation Procedures Information in this document,

More information

Web Services Credit Card Errors A Troubleshooter

Web Services Credit Card Errors A Troubleshooter Web Services Credit Card Errors A Troubleshooter January 2014 This manual and accompanying electronic media are proprietary products of Optimal Payments plc. They are to be used only by licensed users

More information

MySagePay. User Manual. Page 1 of 48

MySagePay. User Manual. Page 1 of 48 MySagePay User Manual Page 1 of 48 Contents About this guide... 4 Getting started... 5 Online help... 5 Accessing MySagePay... 5 Supported browsers... 5 The Administrator account... 5 Creating user accounts...

More information

Guide to Data Field Encryption

Guide to Data Field Encryption Guide to Data Field Encryption Contents Introduction 2 Common Concepts and Glossary 3 Encryption 3 Data Field Encryption 3 Cryptography 3 Keys and Key Management 5 Secure Cryptographic Device 7 Considerations

More information

Converge. Chip and PIN (EMV) Transaction Processing Addendum. Revision Date: February 2016

Converge. Chip and PIN (EMV) Transaction Processing Addendum. Revision Date: February 2016 Converge Chip and PIN (EMV) Transaction Processing Addendum Revision Date: February 2016 Two Concourse Parkway, Suite 800, Atlanta, GA 30328 Elavon Incorporated 2016. All Rights Reserved Copyright Copyright

More information

Maintenance Manual Version 1.02

Maintenance Manual Version 1.02 Maintenance Manual Version 1.02 ict2xx, ipp3xx, iwl2xx and ismp terminals Contents Introduction... 4 Terminal overview... 5 Terminals... 6 Troubleshooting... 7 Troubleshooting ECR... 7 Troubleshooting

More information

Redwood Merchant Services. Merchant Processing Terminology

Redwood Merchant Services. Merchant Processing Terminology ACH - Automated Clearing House for member banks to process electronic payments or withdrawals. (Credits or debits to a bank account) through the Federal Reserve Bank. Acquiring Bank - Licensed Visa/MasterCard

More information

CardControl. Credit Card Processing 101. Overview. Contents

CardControl. Credit Card Processing 101. Overview. Contents CardControl Credit Card Processing 101 Overview Credit card processing is a very complex and important system for anyone that sells goods. This guide will hopefully help educate and inform new and old

More information

How To Comply With The New Credit Card Chip And Pin Card Standards

How To Comply With The New Credit Card Chip And Pin Card Standards My main responsibility as a Regional Account Manager for IMD is obtain the absolute lowest possible merchant fees for you as a business. Why? The more customers we can save money, the more volume of business

More information

Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard Payment Card Industry (PCI) Data Security Standard Attestation of Compliance for Onsite Assessments Service Providers Version 3.0 February 2014 Section 1: Assessment Information Instructions for Submission

More information

Merchant Integration Guide

Merchant Integration Guide Merchant Integration Guide Card Not Present Transactions January 2012 Authorize.Net Developer Support http://developer.authorize.net Authorize.Net LLC 082007 Ver.2.0 Authorize.Net LLC ( Authorize.Net )

More information

Plotting a Course for EMV Compliance

Plotting a Course for EMV Compliance Plotting a Course for EMV Compliance Plotting a Course for EMV Compliance PCI compliance...emv compliance by now, you ve heard repeatedly that your store or restaurant must be EMV-compliant by the recently

More information

Credit Card Processing Overview

Credit Card Processing Overview CardControl 3.0 Credit Card Processing Overview Overview Credit card processing is a very complex and important system for anyone that sells goods. This guide will hopefully help educate and inform new

More information