Revision as of 17:17, 25 June 2009 edit 78.33.73.197 (talk) No edit summary ← Previous edit		Revision as of 17:18, 25 June 2009 edit undo 78.33.73.197 (talk) No edit summary Next edit →
Line 9: ==Protocol details== [[Image:Nordea_e-kod.jpg\|right\|thumb\|A Nordea E-code reader]]▼ In all three modes, the CAP reader asks the EMV card to output a data packet that confirms the cancellation of a fictitious EMV payment transaction, which involves the details entered by the user. This confirmation message contains a [[message authentication code]] (typically [[CBC-MAC]]/[[TDES]]) that is generated with the help of a card-specific secret key stored securely in the smartcard. Such cancellation messages pose no security risk to the regular EMV payment application, but can be cryptographically verified and are generated by an EMV card only after the correct PIN has been entered. It provided the CAP designers a way to create strong cryptographic evidence that a PIN-activated EMV card is present and has seen some given input data, without having to add any new software functions to already fielded EMV cards. Line 36 ⟶ 37: ==References== ▲[[Image:Nordea_e-kod.jpg\|right\|thumb\|A Nordea E-code reader]] <references/>

Chip Authentication Program: Difference between revisions