WatchData_TimeCOS2.9

All Right Reserved. Watchdata Technologies Pte Ltd

Watchdata TimeCOS

REFERENCE MANUAL

VERSION 2.9


DISCLAIMER Copyright Reserved. This document is the property of “Watchdata Technologies Pte Ltd ”. No part of this document can be reproduced or, otherwise disclosed without prior consent in writing from Watchdata Technologies Pte Ltd. Version Tracking

Document Name

Version Changes Editor Date

TimeCOS 2.9 Initial Document

chengjinhua 3/2005

TimeCOS 2.9_1 English Version

8/2005


Table of Content 1. About TimeCOS 2.9 Reference Manual............................................................. 9

1.1 Overview......................................................................................................... 9 1.2 Reference ........................................................................................................ 9 1.3 Definitions....................................................................................................... 9 1.4 Abbreviations and Notations.......................................................................... 11

2. TimeCOS 2.9 Introduction............................................................................... 14 2.1 About TimeCOS 2.9 ...................................................................................... 14 2.2 TimeCOS Architecture Overview .................................................................. 14

2.2.1 Card Logic infrastructure ........................................................................ 14 2.2.2 Card Operating System Architecture ....................................................... 15 2.2.3 TimeCOS 2.9 Commands Set.................................................................. 16

3. TimeCOS 2.9 File Management .......................................................................... 17 3.1 File structure.................................................................................................. 17 3.2 File format..................................................................................................... 19

3.2.1 Overview ................................................................................................ 19 3.2.2 File type ........................................................................................... 19 3.2.3 File Identifier (FID) and File Name .................................................. 20

3.2.3.1 File Identifier (FID).......................................................................... 20 3.2.3.2 Filename .......................................................................................... 20

3.3 Select Files .............................................................................................. 21 3.4 Dedicated File (DF) ....................................................................................... 21

3.4.1 Master File (MF)..................................................................................... 21 3.4.1.1 Definition ..................................................................................... 21 3.4.1.2 header definition .............................................................................. 22 3.4.1.3 File operations commands ............................................................ 22

3.4.2 Dedicated File .................................................................................. 22 3.4.2.1 Definition ..................................................................................... 22 3.4.2.2 Header file definition.................................................................... 23 3.4.2.3 File Name..................................................................................... 23 3.4.2.4 Files operations commands........................................................... 23

3.5 Common Elementary Files (CEF).............................................................. 23 3.5.1 Binary Files (BF) .................................................................................... 24

3.5.1.1 Definition......................................................................................... 24 3.5.1.2 File Body Structure-Transparent file............................................. 24 3.5.1.3 Header File Definition ................................................................. 24 3.5.1.4 File Operations Commands .......................................................... 24

3.5.2 Fixed-length Record Files (FLRF).................................................... 25 3.5.2.1 Definition......................................................................................... 25 3.5.2.2 File body structures – Fixed length series file................................... 25 3.5.2.3 Header File Definition...................................................................... 25 2.1.1.1 3.5.2.4 File Operations Commands ............................................. 26

3.5.3 Cyclic Record Files (CRF) ............................................................... 26 3.5.3.1 Definition......................................................................................... 26 3.5.3.2 File body structures – Cyclic file ...................................................... 26


3.5.3.3 Header File Definition...................................................................... 27 3.5.3.4 File Operations Commands ............................................................. 27

3.5.4 Elementary Purse File ...................................................................... 27 3.5.4.1 Definition......................................................................................... 27 3.5.4.2 File body structures – Cyclic file ...................................................... 27 3.5.4.3 Header File Definition...................................................................... 28 3.5.4.4 File Operations Commands ............................................................. 28

3.5.5 Electrical Purse/Deposit File ............................................................ 29 3.5.5.1 Definition......................................................................................... 29 3.5.5.2 File body structures – cyclic file ....................................................... 29 3.5.5.3 ED/EP File Header Definition .......................................................... 29 3.5.5.4 File Operations Commands ............................................................. 30

3.5.6 Variable-length Record Files (VLRF) ..................................................... 30 3.5.6.1 Definition......................................................................................... 30 3.5.6.2 File body structures – Variable-length line file ................................. 30 3.5.6.3 File Header Definition ..................................................................... 31 3.5.6.4 File Operations Commands ............................................................. 31

3.6 Secret Elementary files .................................................................................. 32 3.6.1 Key Files ................................................................................................ 32

3.6.1.1 definition.......................................................................................... 32 3.6.1.2 File body structures-variable-length record format........................ 32 3.6.1.3 Key header-- Key type.................................................................. 33 3.6.1.4 File Header definition................................................................... 33 3.6.1.5 File Operations Commands ............................................................. 34

3.6.2 Key......................................................................................................... 34 3.6.2.1 DES Encryption ............................................................................... 34 3.6.2.2 DES Decryption ............................................................................... 34 3.6.2.3 DESMAC......................................................................................... 34 3.6.2.4 Internal key ..................................................................................... 34 3.6.2.5 Maintain Key ............................................................................... 35 3.6.2.6 Master Key................................................................................... 35 3.6.2.7 Pin Unlock Key ............................................................................ 35 3.6.2.8 PIN reset Key............................................................................... 35 3.6.2.9 External Authentication Key ........................................................... 35 3.6.2.10 Change Overdraw Limit Key.................................................... 36 3.6.2.11 Upload Key .............................................................................. 36 3.6.2.12 Purchase Key............................................................................ 36 3.6.2.13 Load Key.................................................................................. 36 3.6.2.14 PIN ................................................................................................ 36 3.6.2.15 Unlock PIN .............................................................................. 37 3.6.3 Master Key................................................................................... 37

3.6.4 Master Key and Key distribution ...................................................... 37 3.6.5 Key Type and Command List.................................................................. 39

3.7 File type and Command List .................................................................... 40 3.8 TimeCOS file structures example............................................................. 42 3.9 File Size Calculation ................................................................................ 43

4 TimeCOS 2.9 Security Management Scheme ....................................................... 44 4.1 Security State........................................................................................... 44

4.1.1 MF security state register ................................................................. 44 4.1.2 DF security state register ................................................................. 44


4.2 Security Access Condition ....................................................................... 45 4.3 Security mechanism ................................................................................ 46 4.4 Cryptographic algorithm ......................................................................... 47

5. Card Initialisation Settings............................................................................... 49 5.1 Card Initialisation .................................................................................... 49 5.2 Card Transmission Protocol ..................................................................... 49 5.3 Post Card Initialisation File Structure....................................................... 49 5.4 Master File............................................................................................... 49 5.5 Key File ................................................................................................... 50 5.6 Card Transmission Key............................................................................ 50 5.7 Explanation ................................................................................................... 51

7 Secure Messaging................................................................................................. 52 7.1 Concept ......................................................................................................... 52

7.1.1 Integrity protection.................................................................................. 52 7.1.2 Confidentiality protection ....................................................................... 52 7.1.3 Integrity and confidentiality protection................................................... 52

7.2 How to implement secure messaging ............................................................. 52 7.2.1 File ......................................................................................................... 52 7.2.2 Key......................................................................................................... 53

7.3 MAC generation procedure............................................................................ 53 7.4 Data Encryption / Decryption procedure ........................................................ 55

7.4.1 Data encryption procedure ...................................................................... 55 7.4.2 Data Decryption procedure............................................................... 57 7.4.3 Session Key ............................................................................................ 58

7.5 Command format for secure messaging ......................................................... 59 7.6 Application Examples.................................................................................... 60

8 Command and Response....................................................................................... 61 8.1 Typical Command and Response Format ....................................................... 61 8.2 Command Format .......................................................................................... 62

8.2.1 Header Field ........................................................................................... 62 8.2.2 Body field ............................................................................................... 62

8.3 Response Format ........................................................................................... 62 8.3.1 Response Data Field ............................................................................... 62 8.3.2 Response Status Word............................................................................. 62

8.4 Meaning of SW1 and SW2 ............................................................................ 63 9 TimeCOS 2.9 Administration & Security Commands Set ..................................... 65

9.1 Append Record.............................................................................................. 65 9.1.1 Description ............................................................................................. 65 9.1.2 Note........................................................................................................ 65 9.1.3 Command Format/Parameter................................................................... 66 9.1.4 Command Data Field .............................................................................. 66 9.1.5 Response Data Field ............................................................................... 66 9.1.6 Response Status Word............................................................................. 67 9.1.7 Application Example............................................................................... 67

9.2 Decrease ........................................................................................................ 68 9.2.1 Description ............................................................................................. 68 9.2.2 Note........................................................................................................ 68 9.2.3 Command Format / Parameter................................................................. 68 9.2.4 Command Data Field .............................................................................. 68 9.2.5 Response Data Field ............................................................................... 69


9.2.6 Response Status Word............................................................................. 69 9.2.7 Application Example: ............................................................................. 69

9.3 External Authentication ................................................................................. 70 9.3.1 Description ............................................................................................. 70 9.3.2 Note........................................................................................................ 70 9.3.3 Command Format and Parameter ............................................................ 70 9.3.4 Command Data Field .............................................................................. 70 9.3.5 Response Data Field ............................................................................... 70 9.3.6 Response Status Word............................................................................. 71 External Authentication process....................................................................... 71 9.3.7 Application Example............................................................................... 72

9.4 Get response .................................................................................................. 72 9.4.1 Description ............................................................................................. 72 9.4.2 Command Format / Parameter................................................................. 73 9.4.3 Command Data Field .............................................................................. 73 9.4.4 Response Data Field ............................................................................... 73 9.4.5 Response Status Word............................................................................. 73 9.4.6 Application Example............................................................................... 73

9.5 Get Challenge ................................................................................................ 74 9.5.1 Description ............................................................................................. 74 9.5.2 Command Format / Parameter................................................................. 74 9.5.3 Command Data Field .............................................................................. 74 9.5.4 Response Data Field ............................................................................... 74 9.5.6 Response Status Word............................................................................. 74

9.6 Increase ......................................................................................................... 74 9.6.1 Description ............................................................................................. 74 9.6.2 Note........................................................................................................ 74 9.6.3 Command Format / Parameter................................................................. 75 9.6.4 Command Data Field .............................................................................. 75 9.6.5 Response Data Field ............................................................................... 75 9.6.6 Response Status Word............................................................................. 75

9.7 Internal Authentication .................................................................................. 76 9.7.1 Description ............................................................................................. 76 9.7.2 Note........................................................................................................ 76 9.7.3 Command Format / parameter................................................................. 76 9.7.4 Command Data Field .............................................................................. 77 9.7.5 Response Data Field ............................................................................... 77 9.7.6 Response Status Word............................................................................. 77 9.7.7 Process of Internal Authentication....................................................... 77 9.7.8 Application Example............................................................................... 78

9.8 Read Binary................................................................................................... 79 9.8.1 Description ............................................................................................. 79 9.8.2 Note........................................................................................................ 79 9.8.3 Command Format / Parameter................................................................. 80 9.8.4 Command Data Field .............................................................................. 80 9.8.5 Response Data Field ............................................................................... 80 9.8.6 Response Status Word............................................................................. 81 9.8.7 Application Example............................................................................... 81

9.9 Read Record .................................................................................................. 82 9.9.1 Description ............................................................................................. 82


9.9.2 Note........................................................................................................ 82 9.9.3 Command Format / Parameter................................................................. 82 9.9.4 Command Data Field .............................................................................. 83 9.9.5 Response Data Field ............................................................................... 83 9.9.6 Response Status Word............................................................................. 83 9.9.7 Application Example............................................................................... 84

9.10 Select File.................................................................................................... 85 9.10.1 Description ........................................................................................... 85 9.10.2 Note...................................................................................................... 85 9.10.3 Command Format / Parameter............................................................... 86 9.10.4 Command Data Field ............................................................................ 86 9.10.5 Response Data Field.............................................................................. 86 9.10.6 Response Data Field.............................................................................. 87 9.10.7 Application Example............................................................................. 87 9.10.8 Select MF while at father-DF or son-DF ............................................... 89 9.10.9 To select file within the same DF or son-DF using File Identifier .......... 89 9.10.10 Select DF using DF filename............................................................... 89

9.11 Unblock....................................................................................................... 90 9.11.1 Description ........................................................................................... 90 9.11.2 Note...................................................................................................... 90 9.11.3 Command Format / Parameter............................................................... 90 9.11.4 Command Data Field ............................................................................ 91 9.11.5 Response Data Field.............................................................................. 91 9.11.6 Response Status Word........................................................................... 91 9.11.7 Application Example............................................................................. 91 9.12.1 Description ........................................................................................... 92 9.12.2 Note...................................................................................................... 92 9.13.3 Command Format / Parameter............................................................... 92 9.12.4 Command Data Field ............................................................................ 93 9.12.5 Response Data Field.............................................................................. 93 9.12.6 Response Status Word........................................................................... 93 9.12.7 Application Example............................................................................. 93

9.13 Update Record ............................................................................................. 94 9.13.1 Description ........................................................................................... 94 9.13.2 Note...................................................................................................... 94 9.13.3 Command Format / Parameter............................................................... 94 9.13.4 Command Data Field ............................................................................ 95 9.13.5 Response Data Field.............................................................................. 95 9.13.6 Response Status Word........................................................................... 95 9.13.7 Application Example............................................................................. 96

9.14 Verify PIN................................................................................................... 97 9.14.1 Description ........................................................................................... 97 9.14.2 Note...................................................................................................... 97 9.14.3 Command Format / Parameter............................................................... 97 9.14.4 Command Data Field ............................................................................ 97 9.14.5 Response Data Field.............................................................................. 98 9.14.6 Response Status Word........................................................................... 98

9.15 Verify & Change PIN .................................................................................. 99 9.15.1 Description ........................................................................................... 99 9.15.2 Note...................................................................................................... 99


9.15.3 Command Format / Parameter............................................................... 99 9.15.4 Command Data Field ............................................................................ 99 9.15.5 Response Data Field.............................................................................. 99 9.15.6 Response Status Word..........................................................................100

9. 16 Create File .................................................................................................101 9.16.1 Description ..........................................................................................101 9.16.2 Note.....................................................................................................101 9.16.3 Command Format / Parameter..............................................................101 9.16.4 Command Data Field ...........................................................................102

9.16.4.1 MF ................................................................................................102 9.16.4.2 DF.................................................................................................102 9.16.4.3 EF .................................................................................................102

9.16.5 Response data Field .............................................................................105 9.16.6 Response Status Word..........................................................................105 9.16.7 Application Example............................................................................105 9.17.1 Description ..........................................................................................107 9.17.2 Note.....................................................................................................107 9.17.3 Command Format / Parameter..............................................................107 9.17.4 Command Data Field ...........................................................................107 9.17.5 Response Data Field.............................................................................107 9.17.6 Response Status Word..........................................................................107

9.18 Erase EF/DF ..............................................................................................108 9.18.1 Description ..........................................................................................108 9.18.2 Note.....................................................................................................108 9.18.3 Command Format / Parameter..............................................................108 9.18.3 Command Data Field ...........................................................................108 9.18.4 Response Data Field.............................................................................108 9.18.5 Response Status Word..........................................................................108

9.19 Set Protocol ................................................................................................110 9.19.1 Description ..........................................................................................110 9.19.2 Note.....................................................................................................110 9.19.3 Command Format / Parameter..............................................................110 9.19.4 Command Data Field ...........................................................................110 9.19.5 Command Data Field ...........................................................................110 9.19.6 Response Data Field.............................................................................111 9.19.7 Response Status Word..........................................................................111 9.19.8 Application Example............................................................................111 9.20.1 Description ..........................................................................................112 9.20.2 Note.....................................................................................................112 9.20.3 Command Format / Parameter..............................................................112 9.20.4 Command Data Field ...........................................................................112

9.20.4.1 Key upload....................................................................................112 9.20.4.2 Key Modification ..........................................................................115

9.20.5 Response Data Field.............................................................................117 9.20.6 Response Status Word..........................................................................117 9.20.7 Application Example............................................................................117


1. About TimeCOS 2.9 Reference Manual

1.1 Overview This reference manual is divided into several chapters as follows: • Brief of TimeCOS

This chapter gives general description on TimeCOS features and architecture. The purpose of this charter is to provide general technical information to TimeCOS users.

• Some examples of TimeCOS file structures TimeCOS file management. • Secure messaging

This charter describes secure massaging concept, procedure and commands, as well as MAC generation, DES encryption/decryption.

• Command and response This charter describes the structures of command and response, as well as the mean of return code SW1SW2.

• TimeCOS Command Αnnex: ATR response for TimeCOS Reset

1.2 Reference • TimeCOS/PSAM Technical Manual

• ISO 7816-3 Electronics signals and transmission protocol. • ISO 7816-4 Inter-industry commands for interchange

1.3 Definitions • Interface device A part of terminal for IC card insertion. It includes

mechanical and electric parts. • Terminal Device which communicates and interfaces to IC card during

card operation. It incorporates the interface device and may also include other components and interfaces such as host communications.

• Command The string transmitted from the terminal to card, which

initiates an action or solicits a response from the card. • Response A message returned by card when card completes

execution of command.

• Function: A process accomplished by one or more commands and resultant actions that are used to perform all or part of a transaction.

• Integrated Circuit Electric component is designed to execute or store

function.

• Integrated Circuit Card A card embedded with one or more integrated circuit ID-1 cards (as description ISO 7810, ISO 7811 and ISO7813)


• Message String sent from terminal to card or from card to terminal, which is without transit control character

• Message Authentication Code This code is generated after calculated

with related data or parameter. It verifies the integrality of message.

• Plaintext Data without encryption.

• Cipher text Enciphered information.

• Key A serial characters are used to control encryption or conversion

• Secret key A key used with symmetric cryptographic techniques and usable only by a set of specified entities.

• Cryptographic: An algorithm that transform data in order to hide or

reveal Algorithm its information content.

• Symmetric Cryptographic Technique A cryptographic technique which sender and receiver all use the same key to transit or convert data. It is impossible to retrieve the data without the key.

• Data Integrity A kind of data attribute that data is not changed by non

authority way

• T=0 Asynchronous transmission protocol for character

• T=1 Asynchronous transmission protocol for block

• Finance Transaction An action to receive or pay money for merchandise or service between cardholder, merchant and bank

• Electronic Deposit (ED) A card application designed for cardholder to

purchase or withdraw PIN protected. It supports load, unload, purchase, cash withdraw, modify overdrew limit and check balance.

• Electronic Purse (EP) An application designed for cardholder to purchase

with small amount of money. It supports load, purchase and check balance. Except the load transaction, no PIN and no transaction record is required.

• Load The card hold transfers money from the corresponding account to his Electronic Deposit or Electronic Purse. Load Transaction must be done on connected terminal.

• Upload The Cardholder transfer part/total amount from ED or EP to the

corresponding account. Upload transaction can only be done at connected terminal.


• Purchase Purchase transaction allows cardholder to buy product or service with the balance in the ED or EP. This transaction can be done at the point of sales (POS) off line. It is compulsory to provide PIN when doing transaction with ED, but not necessary for EP.

• Cash Withdraw This is to allow card holder to withdraw cash with ED.

This transaction can only be done at terminal but the terminal could be off line. Only ED can provide this service and PIN is necessary.

• Overdraw limit Overdraw limit is the credit limit base on ED application.

If the balance in ED is not enough, it allows the cardholder to do transaction within the overdraw limit set by the card provider. The change of overdraw limit can only be done at online terminal and the PIN is necessary.

1.4 Abbreviations and Notations In this reference manual, a standard terminology will be used. AC : Access Condition ADF : Application Definition File AID : Application Identifier APDU : Application Protocol Data Unit

AR : Access rights ATC : Application Transaction Counter

ATR : Answer-To-Reset AUT : Authenticate

BF : Binary File

CEF : Common Elementary File CLA : CLAss COS : Card Operating System

CRF : Cyclic Record File DDF : Directory Definition File DES : Data Encryption System

DF : Dedicated File, as defined by ISO 7816-4 DIR : Directory

EF : Elementary File EPF : Electronic Purse File

ETU : Elementary Time Unit

FAC : Finite Automaton Cryptosystem FCI : File Control Information FPKF : FAC Public Key File

FSKF : FAC Secret Key File FID : File Identification

FLRF : Fixed-Length Record FN : FileName


FSZ : File Size FT : File Type

ICC : Integrated Circuit Card ID : Identifier INS : Instruction

ISO : International Organization for Standardization

KF : Key file

LSB : Least Significant Bit LURN : Last Updated Record Number

MA : Maximum Amount MAC : Message Authentication Code MF : Master File

MSB : Most Significant Bit MTD : Mainframe Transaction Date MTT : Mainframe Transaction Time

NE : Not exist. NR : Number of Record

NWR : Number of Written Record OS : Operating System

PIN : Personal Identification Number POR : Power-On-Reset

RFU : Reserved for Future Use

RL : Record Length RID : Registered Application Provider Identifier

RN : Record Number RSA : Rivest, Shamir, Adleman Algorithm

SAM : Secure Application Module SEF : System Elementary File SFI : Short File Identifier SHA : Secure Hash Algorithm

SKID : Secret Key Identifier SS : Security State

SW : Status Word

TC : Transaction Certificate TLV : File format which consists of tag, length and value.

TN : Transaction Number TTC : Terminal Transaction Counter TTD : Terminal Transaction Date TTT : Terminal Transaction Time


VLRF : Variable-Length Record File The following notations apply: ‘0’ to ‘9’ and ‘A’ to ‘F’ 16 hexadecimal digits XX Any value (single byte) XXXX Any value (double byte) XX……..XX Any value (unknown length)


2. TimeCOS 2.9 Introduction

2.1 About TimeCOS 2.9 TimeCOS (Time Card Operating System) is a smart card operating system developed by Watchdata Technologies Pte Ltd. TimeCOS is fully compliant to ISO7816-1/2/3/4 and China Finance Integrated Circuit Card. TimeCOS features: • Support one card with multiple applications. Each application is independent from another. • Support various types of files. • Support many kinds of secure mechanical • Support various ways of secure messaging (data security & integrity) • Support Single DES, Triple DES • Support electric purse and electric deposit function. • Support many communication protocols: contact card supports ISO 7816 T=0 and T=1 communication protocol.

2.2 TimeCOS Architecture Overview

2.2.1 Card Logic infrastructure

Figure 2-1 Logic Infrastructures

TimeCOS is built-up of the following hardware modules: • CPU Ensure the security of the data in the EEPROM. Prevent fraudulent or illegal access to the data. • RAM It is for TimeCOS store the runtime command parameter, response, security states and temporary keys.


• ROM Memory location for TimeCOS program. •EEPROM Memory location where stores application data. TimeCOS stores the data in the EEPROM according to the file format. Reading and writing of file is allowed only after the access condition is fulfilled.

2.2.2 Card Operating System Architecture TimeCOS system is built-up of 4 basic modules:

• Communication module To oversee communication between card and card terminal, it is according to ISO 7816 standard. Ensure data is protected during communication with external world.

• File management module

Store user data in the EEPROM in the format of file. It ensures fast data response and integrity.

• Security management module

This is the core of the smart card. It involves card authentication and access rights verification.

• Command decoder module

Verify and execute the commands received, according to the received parameter.


2.2.3 TimeCOS 2.9 Commands Set

TimeCOS 2.9 commands set is summarized according to ascending value of CLA / INS as follows:

Item Command CLS INS Function description 1 APPEND RECORD 00/04 E2 Append record 2 VERIFY PIN 00/04 20 Verify PIN command 3 EXTERNAL

AUTHENTICATION 00 82 External authentication

4 GET CHALLENGE 00 84 Get challenge code from card

5 INTERNAL AUTHENTICATION

00 88 Internal authentication

6 SELECT File 00 A4 Select files 7 READ BINARY 00/04 B0 Read binary file 8 READ RECORD 00/04 B2 Read record 9 GET RESPONSE 00 C0 Get response data 10 UPDATE BINARY 00/04 D6 Write binary file 11 UPDATE RECORD 00/04 DC Write record 12 CARD BLOCK 84 16 Block card 13 APPLICATION

UNBLOCK 84 18 Unblock the application

14 APPLICATION BLOCK 84 1E Block the application 15 PIN UNBLOCK 80/84 24 Unblock PIN 16 INITIALIZE 80 50 Initialize transaction 17 CREDIT For Load 80 52 Load / credit 18 DEBIT for Purchase /

Cash Withdraw 80 54 Unload / debit

19 UPDATE OVERDRAFT LIMIT

80 58 Change overdraft limit

20 GET TRANSACTION PROf

80 5A Get transaction prove

21 GET BALANCE 80 5C Read balance 22 RELOAD / CHANGE

PIN 80 5E Reload / change PIN

23 ERASE MF 80 0E To Erase DF 24 Erase EF/DF 00 E4 Unblock PIN which has been

blocked 25 SET PROTOCOL 80 14 Set card communication

parameters 26 UNBLOCK 80/84 2C Unblock blocked PIN 27 DECREASE 80/84 30 Decrease cash value 28 INCREASE 80/84 32 Increase cash value 29 WRITE KEY 80/84 D4 Add or change secret key 30 CREATE FILE 80 E0 Create File


3. TimeCOS 2.9 File Management This Chapter introduces the file system, including the file structures, file architecture, file access methods and file space management.

3.1 File structure TimeCOS 2.9 operation is based on file structures. There are 3 main type of files: - Master file (MF), Dedicated File (DF) and Elementary File (EF). Refer to the figure below.

The MF is the highest of the hierarchy and it is also called the roots directory of the file structure. TimeCOS 2.9 only allows one MF on each card. It can have many DF directories and EF beneath it.

Several DF (son-directories) can be created under the same DF (father-directory). The DF structures are very similar to MS-DOS directories except for that it is limited to only 2 layers. The number of EF and DF contain in the card is unlimited in the sense that it only depends on the amount of EEPROM space available in the card.

For a typically application, the MF, DF and EF organization within the card will be as shown in the diagram below: -

DF = Dedicated file

The diagram below shows a typical directories structure for a card issued by a bank for a payment system. The card consists of an electronic passbook,

MASTER FILE

Elementary File

Father-DF Father-DF

Son-DF Elementary File Elementary File

Elementary File


electronic purse, magnetic stripe application and an undefined card issuer application.

MF EF For a

payment system

Payment system directory

ADF ADF DDF For magnetic stripe

Electronic passbook / purse appl.

Card issuer appl.

EF EF = 21 EF = 22 EF = 24 ADF EF Magnetic Stripe appl. Data

FCI within DF which hold data

Card holder info.

Transact-ion record info.

Electronic passbook file

Electronic Purse file

Card issuer son-appl.

Holds appl. 1 data

EF holds

data for son appl.

Figure 3-2

Note :- ISO-7816-4 standard provides detail information on data stored in data files referenced under directories.


3.2 File format

3.2.1 Overview All Files (MF/DF/EF) are stored in the EEPROM using similar format.

Each File has a 12 bytes header (descriptor) followed by the file body. TimeCOS 2.9 card operating system uses information to manage the files. The File Header stores information regarding the file type (FT), file identifier (FID), file size (FSZ), access rights and checksum (two bytes reserved by OS).

Designator No. of byte File Type 1 File identifier (FID) 2 File body size 2 Access rights 1 Access rights 1 SFID (Available for KF) 1 RFU 1 RFU 1 Checksum 1

Table 3-1

Remark : • The two RFU bytes have different meaning for different files

type. For detail information of file header, can refer to “7.1 create file command”.

• The file format is unique identified when the file is created.

3.2.2 File type TimeCOS supports two type of file:

• Dedicated file (DF) • Elementary file (EF)

The DF at root directory of the file system is called Master file (MF). This file is compulsory for the OS

There are two types of Elementary Files i.e.:- [1] Common Elementary File (CEF) is for storing application data; [2] System Elementary File (SEF) is for storing secret key which can not

be retrieve by the external world.


Each type of file has it own format and structure. It is represented by 1 byte.

File Type

Name Value (Hex)

MF Main File 38 DF Dedicated File 38 BF Binary File 28 FLRF Fixed-length Record File 2A CRF Cyclic Record File 2E EPF Electronic Purse File 2F VLRF Variable-length Record

File 2C

KF Key File 3F

Table 3-2

3.2.3 File Identifier (FID) and File Name

File Identifier is represented by a 2-byte code.

3.2.3.1 File Identifier (FID) File Identifier is the identifier of files and it is represented by two bytes. The TimeCOS can use FID to choose files (Except key files).

• Duplicate FID under the same DF hierarchy is not allowed. • MF File Identifier is 3F00. • Key file Identifier is 0000, FFFF is reserved for future use. • To select a file, use the SELECT command together with the short FID. • Short FID (SFI) is represented by the 5 bits binary number. For that

reason, short FID is limited to maximum of 31 numbers. When the file is created, you can only use short FID between 1 to 31 (i.e. 00001 ~ 11111)

3.2.3.2 Filename File Name refers to the name of DF to recognize DF. Any ADF or DDF can be selected by filename.

The filename of ADF is correspond to it application ID (AID), the format of AID refers to ISO/IEC 7816-5 specification. The length of AID should be 5~16 bytes, and it is separated into two parts: the first part is registered ID with length of 5 bytes. It is managed by registration organization, including country code, application type and ID code of service provider; The second parts (PIX) is optional, its length is 0~11 bytes. This part is defined by service provider.


3.3 Select Files

Files within the card and at different DF levels can be accessed by various means such as by File Identifier and Filename.

• Use FID to select

TimeCOS can select the corresponding files with FID (except Key file).

• Use SFI to select P1 parameter will be used when using READ BINARY, UPDATE BINARY to select a file using short FID.

P1 b7 b6 b5 b4 b3 b2 b1 b0 1 0 0 short FID

If P1 MSB 3 bit is 100, the lower 5 bit is the short FID. Example, if P1 is 81H (10000001), the selected short FID will be 00001.

P2 parameter can also be used when using READ RECORD, UPDATE RECORD, APPEND RECORD, DECREASE and INCREASE command, to select a file using short FID.

P2 b7 b6 b5 b4 b3 b2 b1 b0 short FID 1 0 0

If P2 MSB 5 bit is not 00000 and the lower 3 bit is 100, the MSB 5 bit will be the short FID. Example, if P2 is 0CH (00001100), the selected short FID will be 00001.

• Use DF file name to select TimeCOS can find the corresponding DF files with the DF file name.

3.4 Dedicated File (DF)

3.4.1 Master File (MF)

3.4.1.1 Definition

The root directory of the files system is Master File (MF). It is compulsory as the root directory of DOS system.

• After power-on-reset, MF will be automatically selected as the current file. • Only one MF exists in each TimeCOS card. • Multiple father DF, son DF and EF can exist under the MF.


3.4.1.2 header definition

File Header Byte Description File type 1 3F

File Identification 2 3F00

File Size 2 FFFF, set MF size to max

Access Right 1 1 Create right: the right to create files under MF

Access Right 2 1 Erase right: the right to erase files under MF

RFU 1 'FF'

RFU 1 'FF'

Table 3-3 File header definition of MF

3.4.1.3 File operations commands

• Create file Command It is compulsory to create MF before any operations if there is no MF.

• Select MF command It uses 'select file' command to select file with File identification'3F00' or File name '1Pay.sys.DDF01'

• Erase DF Command It uses this command to erase all files (DF or EF) under MF directory with the erase right for the current MF. However, the current access right, size and etc of MF is not changed (i.e. It cannot erase the file header information).

3.4.2 Dedicated File

3.4.2.1 Definition

In TimeCOS, Dedicated file is like the directory in DOS system. Each DF can hold multiple EF and/or multiple son-DF.

• TimeCOS Card can support up to three levels directory (MF-DF-DF). It is called as DDF if it contains son-directory; otherwise, it is called as ADF.

• Any of the DF is physically and logically independent from one another. Each of them has it own security mechanism and application data.

• There is no limit on how many DF exist on each card and it all depends on availability of EEPROM space in the card


3.4.2.2 Header file definition File Header type Bytes Description File type 1 3F

File Identification 2 Refer to 3.2.3.1

File Size 2 Describe the size of file body

Access right 1 1 Create Right: Right to Create files under DF

Access right 2 1 Erase right: Right to erase all files under DF

RFU 1 'FF'

RFU 1 'FF' Table 3-4 File header definition of DF

3.4.2.3 File Name Refer to '3.2.3.3 files name'

3.4.2.4 Files operations commands

• Create file Command If has the current DF create right, can use 'create file' command to create files.

• Select MF command Can use 'select file' command to select file with DF identification or File name

• Erase DF Command Can use this command to erase all the file (DF or EF) under DF directory with the erase right for the current DF. But the current access right, size etc of DF is not changed (i.e. Cannot erase the file header information).

Remark If there is no files under the DF directory, can create or read/write files without the limitation of access right. However, once leave the DF and re- enter the DF, the access right will apply.

3.5 Common Elementary Files (CEF)

Common Elementary Files are files used by the application to stores application data and records. All these files can co-exist within the same CEF.

CEF can be one of the following type of files:

• Binary files • Fixed-Length Record files • Cyclic Record Files • Electronic Purse Files • Variable-Length Record Files


3.5.1 Binary Files (BF)

3.5.1.1 Definition It is a series of numbers unit. Reading and writing of data is by binary unit.

3.5.1.2 File Body Structure-Transparent file Transparent file is also called binary file or solid file, i.e. transparent file have no operations on internal structures. It uses address offset to access the data in the files (The logic address starts from 0). The Structures of transparent file: Length(bytes) 1 2 3 4 5 6 7 8 9 . . .....

. ......

.....

. ......

.....

. ......

.....

. m

Figure 3-3 Transparent Structures Example: read 5 bytes from 10 bytes file with offset 3

1 2 3 4 5 6 7 8 9 10

Offset 3, Data

3.5.1.3 Header File Definition File Header type Bytes Description File type 1 '28', The setting of security refer to '7.1

create files'


File Size 2 Describe the size of file body

Access right 1 1 Read Right

Access right 2 1 Write right

Key Identification maintain 1 Calculate the KID of secure messaging

RFU 1 'FF' Table 3-5 File header definition of Binary File

3.5.1.4 File Operations Commands • Create file Command


If it has the current DF create right, it can use 'create file' command to create files.

• Select file command It can use 'select file' command to select file with DF identification

• Read Binary It can use 'read binary' command to read data when fulfill the file read right.

• Update Binary It can use 'write binary' command to update file when fulfill the file write right.

3.5.2 Fixed-length Record Files (FLRF)

3.5.2.1 Definition It is a sequence of records with fixed-length.

3.5.2.2 File body structures – Fixed length series file The structure of fixed-length record file has records with same length. Each record is identified by Record Number (RN). Record can only be accessed as a whole, it is not allowed to access part of the one record.

The structures of fixed-length body. Record Length (m) * Record Number (n) 1 2 3 ....................................m

1 ...

...

n Figure 3-4 Fixed length record file structures

3.5.2.3 Header File Definition File Header type Bytes Description File type 1 '2A', The setting of security refer to '7.1

create files'


File Size 2 Byte 1 describe the record number (2..254) Byte 2 describe the record length( <<178)




File Header type Bytes Description Key Identification maintain 1 Calculate the KID of secure messaging

RFU 1 'FF' Table 3-6 File header definition of FLRF

2.1.1.1 3.5.2.4 File Operations Commands • Create file Command



• Read record It can use 'read record' command to read one record when fulfill the file read right.

• Update record It can use 'update record' command to add /update one record when fulfill the file write right.

3.5.3 Cyclic Record Files (CRF)

3.5.3.1 Definition It is a cyclic of records with fixed-length record.

3.5.3.2 File body structures – Cyclic file

Cyclic file is also called cyclic record file. Cyclic record file is a ring file with fixed-length records. The record number is controlled by TimeCOS. Each record is identified by Record Number (RN). Latest record is always marked as RN 1. On adding new record, the new record will be marked as RN 1 and all previous records will have the RN incremented by 1. In the case of all records in the file are filled, a new append record command will follow the FIFO rule i.e. the oldest record in the file will be replaced.

The structures of cyclic file body. Record Length (m) * Record Number (n) 1 2 3 ....................................m

1 ...

...

n Figure 3-5 Cyclic record file structures


3.5.3.3 Header File Definition File Header type Bytes Description File type 1 '2E', The setting of security refer to '7.1

create files'






RFU 1 'FF'

�� ! �� #"�$�� ! �� #"�$�� ! �� #"�$�� ! �� #"�$��





• Append record command It can use 'append record' command to append one record when fulfill the file append right.

• Update record It can use 'write binary' command to add /update one record when fulfill the file write right.

3.5.4 Elementary Purse File

3.5.4.1 Definition The purse file structure is similar to cyclic file. Each record is a digit. When deposit/withdraw, use the digit of first record to plus/minus the amount. Then use the new record as the first record

3.5.4.2 File body structures – Cyclic file Refer to '3.5.3.2 cyclic file'

• The record number must greater or equal to 2, the record length must be less than 8 bytes.


• The amount in the purse file is operated in binary format and the amount of new created files is 00.

• It updates the amount in the first record (RN is 1) when deposit/withdraw. Then it updates the new record as the first record.

3.5.4.3 Header File Definition File Header type Bytes Description File type 1 '2F', The setting of secure messaging refer to

'7.1 create files'



Access right 1 1 decrease money right/read right

Access right 2 1 Deposit right.


RFU 1 'FF' Table 3-8 File header definition of EP file

• Read record right The right of use 'read record' command to read specified record.

• Decrease right The right of using 'decrease' command to decrease the balance of the purse

• Deposit right The right of using 'increase' command to increase the balance of the purse.




• Deposit command It can use 'increase' command to increase the balance of purse when fulfill deposit right.

• Withdraw command It can use 'decrease' command to decrease the balance of purse when fulfill withdraw right.



3.5.5 Electrical Purse/Deposit File

3.5.5.1 Definition

• Electronic deposit The card, which is protected by PIN and used by cardholder to purchase, withdraw cash etc. It support load, upload, purchase, cash withdraw, overdraw limit and balance check.

• Electronic Purse The finance card designed for small amount usage by card holder. It supports load, purchase and balance check. Except load, all other transactions will not be recorded in detail and PIN is not necessary.

3.5.5.2 File body structures – cyclic file Refer to 3.5.3.2 file body structure – cyclic file. The data structure of each transaction is show below.

Data unit Length Balance 4

ED/EP off line transaction code 2

ED/EP online transaction code 2 Table 3-9 Data Structure of transaction Remark: For EP, the effect length of balance is 3 bytes and the first bytes is fixed to '00'

3.5.5.3 ED/EP File Header Definition File Header type Bytes Description File Identification 2 0001 is ED, 0002 is EP

RFU 2 0000

File Type 1 '2F'

File Size 2 Byte 1 describes the record number (equal to 2) Byte 2 describes the record length (equal to 8)

SFI 1 SFI of current file

RFU 1 'FF'

Read Right 1 Read balance right


File Header type Bytes Description Write right 1 Update the overdraw limit

RFU 1 '00'

Deposit 1 Deposit right

Decrease 1 Decrease right

RFU 1 '00'

Max Balance limit 4 It means balance cannot over the limit (Default is FFFFFFFF, EP is 00FFFFFF)

Overdraw limit 3

RFU 8 0000000000000000

Table 3-10 File Header Definition of ED/EP files

• Read record right The right of using EP/ED to purchase/check balance etc. .

• Operations right The right of using EP/ED to load, upload, overdraw or withdraw etc

• Transaction detail file Identification It is used to record SFI of cyclic file contains transaction detail.


If has the current DF create right, can use 'create file' command to create files. • Select file command

Can use 'select file' command to select file with DF identification

3.5.6 Variable-length Record Files (VLRF)

3.5.6.1 Definition Variable-length record files has record with variable length.

3.5.6.2 File body structures – Variable-length line file Each record can have different length when written. Data is stored in each record as a record unit. The record is identified by record number or record identification. When making changes to the record, the new record length must be the same length as the original record. Otherwise the changes will not take effect.

• The record number must be in the range from 2 to 254. • Different COS has different max limit for record length. The max record

length of TimeCOS can support up to 255 bytes. .


• Normally, VLRF exists in TLV(tag-length-value) format. In timeCOS, both VLRF and key file exist in variable-length record format.

3.5.6.3 File Header Definition File Header type Bytes Description File type 1 '2C', the setting of secure messaging refer to

'7.1 create files'



Access right 1 1 Read right

Access right 2 1 Update/write right,

Key Identification maintain 1 Calculate KID of secure messaging.

RFU 1 'FF' Table 3-11 File header definition of VLRF Remark The size of file body = Sum of all records length. Record length = 1 byte records identification (T) + 1 byte record length (L) + L bytes data + 1 byte verification code (calculated by TimeCOS). The max length of each record is 255 bytes.





• Append record command It can use 'append record' command to append one record when fulfill the file append right.

• Update record It can use 'write binary' command to add /update one record when fulfill the file write right.


3.6 Secret Elementary files

These files are used to store the data calculated by card. These data is used by the COS for analyze/operation in order to do management or control, including key files.

3.6.1 Key Files

3.6.1.1 definition It is used to store key and cannot be read by external device. The key in the file can be added, operated, changed when fulfill the right to add, operate or change. Remark:

• Only one Key File (KF) can exist within each DF or MF. • Key File has to be created first within the MF or DF. • If the KF and other type of files does not exist when the DF or MF is

selected, new files can be created and this newly created file will have no read/write access restriction. Upon deselecting this file, subsequent access to this file must fulfill the access condition before it can be selected again.

3.6.1.2 File body structures-variable-length record format One Key file may contains multiple types of key, each key may have multiple value. Each secret key will be stored as a variable-length record. The T, L bytes in record will be maintained by COS.

Data Unit Length T ( maintained by COS) 1

L (maintained by COS) 1

Key Header 5 Value

Key Value Different key has different length Table 3.12 Data Unit Length Explanation:

• Record length = 1 byte Tag + 1 bytes length + 5 bytes Key header + Length of Key value

• Setting of Key header and Key value refer to “7.4 write key command” Notes: To add one key record connect to MF under the key file of DF, then the record length = 1 byte TAG + 1 byte length + 1 byte Key type.


3.6.1.3 Key header-- Key type. Key Name Key bytes(HEX) Key Name Type bytes(HEX) DES Encryption 30 External

Authentication Key

39

DES Decryption 31 Overdraw limit key 3C

DESMAC 32 Upload Key 3D

Internal key 34 Purchase Key 3E

Maintenance Key 36 Load Key 3F

Master Key 39 key with KID '00” Pin 3A

PIN Unlock key 37 Unlock Pin 3B

Pin reset Key 38 Table 3- 13 Key type

3.6.1.4 File Header definition

File Header Bytes Description File type 1 '3F'

File Identification 2 '0000'

File Size 2 Sum of all key length + 5 byte reserve space

DF SFI 1 Refer to table 3.15

Access right 2 1 Add Key right

RFU 1 'FF'

RFU 1 'FF' Table 3-14 File Header definition of Key file.

Explanation • DF Short file Identification

B7 B6 B5 B4 B3 B2 B1 B0 Description 0 0 0 X X X X X Current DF is DDF, LSB 5 bits is SFI of the

elementary file under DDF directories

1 0 0 X X X X X Current DF is ADF, LSB 5 bits is SFI of special data file used by card provider


B7 B6 B5 B4 B3 B2 B1 B0 Description 1 1 0 X X X X X Include SFI of A5 template of current DF

1 1 1 1 1 1 1 1 Reserved Notes: “A5” is record ID of special template of file control information.



• Add or change Key command (Write Key) Write Key command can be used to write one key record (Key header and Key value), or change Key value (cannot change Key header) when fulfill the right to add or change.

• Read record It can use 'read record' command to read one record when fulfill the file read right. Each Key type has corresponding command, refer to “3.6.2 Key” and table 3.15, Key type and command. Key Authentication or password calculation can only be used when the right is fulfilled.

3.6.2 Key

3.6.2.1 DES Encryption • DES encryption key is use for DES encryption functions. • Encryption Key is involved by the command “Internal Authenticate”.

3.6.2.2 DES Decryption • DES decryption key is used for decryption functions. • Decryption Key is involved by the command “Internal Authenticate”.

3.6.2.3 DESMAC • DESMAC key is used for generating the Message Authentication

Codes (MAC). • Decryption Key is involved by the command “Internal Authenticate”.

3.6.2.4 Internal key Internal Key is used to produce the transaction Authenticate code when doing purchase, cash withdraw or load. The commands involved are:

• Credit for Load • Debit for Purchase/Cash Withdraw • Update Overdraw Limit


3.6.2.5 Maintain Key

When accessing file with secure messaging, Maintenance Key is used to produce key for secure messaging. The commands involved are:

• Read Binary • Update Binary • Read Record • Update Record • Append Record • Increase • Decrease • Card Lock • Application Lock • Application unlock

3.6.2.6 Master Key Master Key is used to generate the key used to produce the secure messaging, when load with secure message method or change key. The Commands involved are

• External Authenticates • Append /change Key command (Write Key)

3.6.2.7 Pin Unlock Key Pin Unlock key is used to produce secure message when access Pin with secure messaging. • Pin Unlock command, which is suitable for PIN with Identification '00' and

length is 2 to 6 bytes. • PIN verify command

Verify and change PIN, which is suitable for PIN Key with length is more than 8 bytes.

3.6.2.8 PIN reset Key PIN reset key is used to generate MAC to reset PIN. The commands involved is

• Reload/Change Pin), suitable for PIN with Identification'00' and length from 2 to 6 bytes

3.6.2.9 External Authentication Key • TimeCOS will use this key to decrypt the command data (encrypted challenge code) during the external authentication operation.. • When the access condition is fulfilled, it uses the EXTERNAL

AUTHENTICATION command to authenticate the card terminal. Once the external authentication key is locked, it cannot be unblock.


3.6.2.10 Change Overdraw Limit Key Change Overdraw Limit Key is used to produce the session key when changing overdraw limit transaction. Session Key is used to generate MAC and TAC when changing overdraw limit. The commands involved are:

• Initialize for update • Update overdraw limit.

3.6.2.11 Upload Key Upload key is used to generate the session key during upload transaction. Commands involved are :

• Initialize for upload. • Debit for upload

3.6.2.12 Purchase Key Purchase key is used to generate the session key during purchase/withdraw transaction.

Command involved are : • Initialize for purchase/cash withdraw • Debit for purchase/cash withdraw.

3.6.2.13 Load Key Load Key is used to generate session key during load transaction. Commands Involved are

• Initialize for load • Credit for load

3.6.2.14 PIN • Secret PIN is presented by the card holder during the PIN verification process. • Length of Pin varies from 2 to 8 bytes. • The card reach secure status after the PIN is verified, then it can continue

operations, like read files. • Attempts error counter will only be updated after the PIN presentation

operation. • Each PIN has an attempts error counter which will decrement by 1 after every

unsuccessful PIN presentation. When the number of consecutive false attempt exceed the highest limit allowed, the PIN will be locked. Specified command can be used to unlock PIN. The limit is from 1 to 15.

Command Involved are

• Verify PIN • Verify and Change PIN, used for PIN more than 8 bytes. • Unlock PIN, used for PIN more than 8 bytes • Reset/change PIN, which is used for Key with Identification '00'. The length is

from 2 to 6 bytes.


• PIN Unlock, Used for Key with Identification'00'. The length is from 2 to 6 bytes.

Master PIN If some PIN is set in MF, and the PIN is used by specified DF, then the mast PIN is master PIN. In DF, when fulfill the master PIN right, it can verify master PIN. In order to change value of bytes used by current secure status, other related command can also be used to operate on master PIN, like verify/change PIN etc.

3.6.2.15 Unlock PIN Unlock PIN is used to unlock locked 8 bytes PIN.

Once the Unblock PIN is blocked it can never be unblock. Command involved is “unblock”.

3.6.3 Master Key If some key is set in MF, and the key can be used by the specified DF, then this key is Master Key.

• Implementation method. Add some Key record connect to MF under the key file of MF, i.e. “Write Key “ only point out the same Key identification and Key type in MF. The real key property and content is the key property and content of corresponding key type and Identification of MF.

• Application Method In DF, when fulfill the access right of master Key, the corresponding operations can be done, when fulfill the right to change of master key, can use “write Key” command to change Key (Except PIN). Example In order to use one PIN in each application, it uses the master PIN.

3.6.4 Master Key and Key distribution To achieve the max security when using when using symmetric algorithms in COS, key of each card is unique in the system, i.e. Card key = analyst result of specified data by Master Key

For Single DES Master key, the distribution method is shown below. 8 bytes Input Data 8 Bytes Master Key Single DES algorithms

8 bytes Key after distribution Figure 3.6 Single DES Key distribution For Triple DES master Key, the distribution method is shown here


8 bytes Input data 8 bytes input data

after reverse

16 bytes master Key

Triple DES algorithms

Triple DES algorithms

16 bytes master Key

Left 8 bytes after distribution

Right 8 bytes after distribution

Figure 3-7 Triple DES key distribution Thus, the terminal must know the master key.


3.6.5 Key Type and Command List HEX Command

30 31 32 34 36 39 37 38 39 3A 3B 3C 3D 3E 3F

Append Record V

Application Block V

Application Unblock V

Card Block V

Credit for load V V

Debit for Purchase Cash Withdraw

V V

Debit For Unload V

Decrease V

External Authentication

V V

Increase V

Initialize for purchase, Cash withdraw

V

Initialize for Load V

Initialize for unload V

Initialize for Update V

Internal Authentication

V V V

PIN unblock V ̀

Read Binary V

Read Record V

Reload/Change Pin V

Unblock V

Update Binary V

Update Overdraw Limit

V V


HEX Command

30 31 32 34 36 39 37 38 39 3A 3B 3C 3D 3E 3F

Update Record V

Verify & Change PIN V

Verify PIN V V

Write Key V

Table 3.15 Key type and Command List

Remark: The V in the table means the command can be applied on the corresponding key type. Key type is represented by 1 byte. For example, key type 30 mean the key is DES encryption Key. Key type is set when the key file is load. The matched pair of key type and hex value is shown in table 3.16. Key Type HEX Key type HEX Key type HEX DES encryption 30 Master Key 39 Unlock Pin 3B

DES decryption 31 Pin Unlock 37 Upload 3D

DES & MAC 32 Pin Reset 38 Purchase 3E

Internal Key 34 External Authenticate

39 Change Overdraw Limit

3C

Maintenance Key 36 PIN 3A Load 3F Table 3.16 Key type and Hex List

3.7 File type and Command List File type (HEX) Commands

MF 38

DF 38

Binary 28

Fixed Length Record 2A

Cyclic 2E

Purse 2F

Variable Length Record 2C

Key file type 3F

Append Record V V

Create V V V V V V V V

Credit For Load V

Debit For Purchase/ Cash Withdraw

V

Debit for Unload V


File type (HEX) Commands

MF 38

DF 38

Binary 28

Fixed Length Record 2A

Cyclic 2E

Purse 2F

Variable Length Record 2C

Key file type 3F

Decrease V

Erase DF V V

Get Balance V

Increase V

Initialize for Cash Withdraw

V

Initialize for Load V

Initialize for Purchase V

Initialize for unload V

Initialize for Update V

Read Binary V

Read Record V V V V

Select File V V V V V V V

Update Binary V

Update Overdraw Limit

V

Update Record V V V

Write Key V Table 3-17 File type and command list Remarks “V” in the table means the command can be applied on the corresponding file.

File type shows the internal structures of the file, which is represented by 1 byte. For example, one file type is “28H” means it is binary file. File type is defined when the file is created.


3.8 TimeCOS file structures example

Key File: Master Key

Index File(Fixed/Variable Length record file) Key File

• Application Master Key • Purchase Sub-Key(DPK) (Purchase Key) • Load Sub-Key(DLK) (Load Key) • TAC Sub-Key(DTK) (Internal Key) • PIN Unlock Sub-Key(DPUK)

(PIN unlock Key) • PIN Reset Sub-Key(DRPK) (PIN reset Key) • Application Maintain Sub-Key (DAMK)

(Maintain Key) • Upload Sub-Key)(DULK) (Upload Key) • Change Overdraw Limit Sub-Key (DUK)

(Change Overdraw Limit) • PIN

Public Application Elementary file 0015 (Binary File)

Card Holder Elementary file 0016 (Binary File)

Transaction Detail File 0018 (Cyclic Record file)

Electronic Purse File 0002 (Electronic Purse file)

ADF

Electronic Deposit file 0001 (Electronic Deposit File)

MF (Purc-hase System Environment)

Other Application Table 3-18 TimeCOS/PBOC file structure example


3.9 File Size Calculation As shown above, the format of each in EEPROM is shown below.

12 bytes Header (EP/ED is 30 bytes) (File type, file Identification, file body size, access right, verification)

File Body Size

• Size of each file in EEPROM = file header + file body • Fixed length, purse and cyclic file size = record number * (record length + 1) • The size of DF in EEPROM = DF header (12 bytes) + all file size under DF +

DF name length • MF size = MF header (12 bytes) + sum of all file size .


4 TimeCOS 2.9 Security Management Scheme

• TimeCOS 2.9 security management system is based on the concept of security state, security access conditions, security mechanism and cryptographic functions.

• TimeCOS 2.9 will authenticate the card terminal devices before it can be accessed.

• TimeCOS 2.9 first determines if the access to a particular file is allowed by comparing the value of the security state register with those required by the access condition.

User can define and determine the type of security mechanism at the application level.

4.1 Security State Security State is referring to the security level at the current directory. For TimeCOS 2.9, the MF and DF have 16 types of security level individually. Two 4-bit register inside TimeCOS 2.9 is used to indicate the current security state. Both registers can have any value between 0 to F. These two registers are:-

[1] MF security state register It determines the security level for the global level. [2] DF security state register It is the security level at current DF level only.

4.1.1 MF security state register

• The security state register will be reset to 0 when the following happens: ��[1] After card reset. ��[2] The PIN verification command or external authentication command return a failure code of 63CX.

• Moving from one application directories to another will not affect the value of the security state register.

• Only successful PIN verification and external authentication will the value of security state register at MF level be changed.

• When the current directory is MF, the security stare register at current directory will be equal to the security state register of MF.

4.1.2 DF security state register • The security state register will be reset to 0 when the following

happens :- [1] After card reset. [2] Changes in current directory, such as, select father directory (which


is not the MF), or select son DF. [3] The PIN verification command or external authentication command return a failure code of 63CX.

• Only PIN and external authentication of current DF will affect the security state register after a successful PIN verification and external authentication.

• If the current directory is MF, the security state register at current directory will be equal to the current security state register of this MF.

4.2 Security Access Condition The access conditions must be fulfilled before the file can be accessed. This meant also the security state register must matches certain value before the operation can be executed. Access condition can also be referred as individual access rights, i.e. according to the table as follows: -

File Type Access Rights MF/DF Create/Erase

Key File Append

Secret key within Key File Change/Use

Binary File Read/Write

Fixed Length Record File Read/Write

Cyclic Record Read/Write

Purse File Read and Decrease/Increase

Electronic Deposit/Electronic Purse Use

Variable Length File Read/Write During file creation, each type of access right is represented by 1 byte. As compared to other COS, TimeCOS 2.9 uses a different method to control the access rights. It is using a predefined field to restrict others from accessing it illegally. Assuming the value of security state register at current level is represented by V.

• If the access condition of MF is “0Y”, to access the files at this level, the security state register of MF must be equal or greater than 'Y';


i.e. for access condition = “0Y” V >= Y

If a particular file has a read access right of “05”, which means that the MF security state register must be equal or greater than 5 before the file can be read; i.e. for read access right = “05” V >= 5

• Ιf a file at current level has the access condition is 'XY' (in which X

is not equal to 0), which means the value in the security state register must fulfill both condition i.e. equal or greater than Y and also equal or smaller than X.

For the case X>Y: - i.e. for access condition 'XY' where X > Y V >= Y V <= X

• For the case X=Y then the security state register at current level must be equal to X.

i.e. for access condition 'XY' where X=Y V = X = Y

• For the case X<Y, it is a inhibit operation. Example 1 : A file with write access right of 53, it means when writing to the file, the security state register must have a value of 3, 4 or 5. Example 2 : A file with read access right of F0 and write access right of F1. It means the file can be read without any restriction. However, when comes to writing, the security state register must be equal or greater than 1.

Example 3: A file with read access right of FE, which means the security state register must match the value F or E before read access is granted.

4.3 Security mechanism

• This refers to the security process involved in managing the transfer from one security state to the other state.

• TimeCOS 2.9 uses the PIN verification and external authentication results to change the value of the security state register.

• At MF level, the value of the security state register at MF and at DF level will be updated upon successful authentication. If not at MF level, upon successful verification, you can change the security state register at that level only.

• When creating the PIN or external authentication key, the security state will indicates if the PIN verification is successful or external authentication is successful. The security state register will be set equal to the value of the current security state.


e.g. If the security state of the PIN key is 1, which means the security state register will be equal to 1 after a successful PIN verification.

• The current security state register will be set to 0 upon power-on-reset and when going from father-DF to son-DF or vice versa.

Assuming the card has a binary file which has been defined as :

Read access right = F1 ; Write access right = F2 ; DF has a PIN;

After successful PIN verification, the security state is 1; Card has an external authentication key; use right is 11; After successful external authentication, the security state is 2 ;

4.4 Cryptographic algorithm TimeCOS supports single-DES, Triple-DES and FAC public key functions.

Eg: Read Data = X1, X2, ... Sent Data = Y1, Y2, ... Single DES:- Encryption:

YI % &(' DES K [ XI ] Decryption:

XI % DES-1 &)'K [ YI ]


Triple DES:- Encryption:

Y % DES(KL)[DES-1(KR)[DES(KL[X])]] Decryption:

X % DES-1 (KL)[DES(KR)[ DES-1 (KL[Y])]]

• If the secret key is 8 bytes long when created, single DES algorithm will be used.

• If the secret key is 16 bytes long, then Triple-DES will be used.

• Message Authentication Codes (MAC) can be generated using single-DES or triple-DES algorithm.

• During computation, the secret key type (assigned to identify different type of secret key) will determine if it is for encryption or decryption. In fact, secret key assigned for encryption cannot be used for decryption or generating MAC code. Secret key assigned for external authentication cannot be use for internal authentication.

• If the input data length is not a multiple of 8 then additional trailing 8000….. 00 will be padded to the data to make it multiple of 8 before DES computation is applied.

e.g. Suppose the data is 1223 3456 7889 90A1 B1 (number of bytes not multiple of 8); during the encryption process, the data will be changed to 1223 3456 7889 90A1 B1 80000000 0000 00 before it is encrypted.


5. Card Initialisation Settings

5.1 Card Initialisation The card initialization procedure performs the following two functions

1. TimeCOS parameters settings 2. Installation of transmission key

The card initialization process is performed at the card manufacturer's. Prior to the initialization process, the card will not be able to execute any other commands before this process is accomplished.

5.2 Card Transmission Protocol Card Transmission Protocol T = 0

5.3 Post Card Initialisation File Structure

Card Initialization Structure

5.4 Master File

• The root directory of the files system is Master File(MF).

Master File (MF) '3F00'

Key File '0000'


• File Header Definition:- File Type: '38' File Identification: '3F00' File Size: 'FFFF', set MF size to max MF Create Right: 'AA' MF Erase Right: 'AA' File Name: * 1PAY.SYS.DDF01

5.5 Key File

• Key File consists of a card transmission key to ensure a secure transmission process. The operations of the card can only be accomplished upon verifying the validity of this key.

• File Header Definition: File Type: '3F' File Identification: '0000' File Size: '1C' MF Short File Identifier: '01' Append Key Right: 'EF'

5.6 Card Transmission Key

• Card can only be used after validating the transmission key

• Key File Header Definition Key Identifier: '00' Key Type: 'F9' Use Right: 'F0' Change Right: 'AA' Security State: '0A' Error Counter: '33'

• Key Value Key length: 16 bits Default Key Value: 'WATCHDATATimeCOS' in ASCII code which is 57415443484441544154696D65434F53

Note: An unique customised card transmission key can be requested when ordering.


5.7 Explanation As explained previously, the create and erase access rights of the MF in the card has been prefixed as 'AA'. This cannot be changed. The card can only be used after a valid verification of the card transmission key, followed by setting the security state register to '0A'.

The following are two possible steps to take subsequently: 1) Erase all files under the master file (MF) and recreate the card structure 2) Change the transmission key and recreate and the card structure


7 Secure Messaging

7.1 Concept Secure messaging is to ensure the data integrity, confidentiality and authentication between the other parties. Data confidentiality was protected by encryption on transmitted data. On the other hand, the data integrity and authentication are assured by using MAC.

7.1.1 Integrity protection 4 bytes MAC are appended to the transmitted data. The receiver will verify the MAC when it receives the transmitted data. Unless it’s a correct result, the receiver never accepts the data. MAC assures data integrity and authentication.

7.1.2 Confidentiality protection Execute DES encryption on transmitted data for getting encrypted data so that it’s not meaningful to attackers. Data is secured by the encryption.

7.1.3 Integrity and confidentiality protection It is the most secure method. It firstly implements DES encryption then appends MAC. The receiver will verify the message before accepting it. It depends on user’s requirement to decide which method to apply. The implementation with higher security level will trade off with cost and system speed.

7.2 How to implement secure messaging

7.2.1 File Binary file, fix length record file, variable length record file, cyclic file and purse file can apply secure messaging. To apply secure messaging on the file as stated above, set the MSB bit to “1” during file creation.

Definite file type as figure 4-1:

B7 B6 B5 B4 B3 B2 B1 B0 Secure Messaging 0 0 File type None 1 0 File type MAC 1 1 File type DES&MAC

Figure 4-1 File Type Setting


Example: To protect a binary file by secure messaging, change the file type from “28” to “A8” during creating file.

7.2.2 Key The key can be transmitted using secure messaging. To transmit key using secure messaging (Write key or Verify PIN), just set 2 MSB of key type when loading.

Definite key type as figure 4-2: B7 B6 B5 B4 B3 B2 B1 B0 Protecting method 0 0 Key type None 1 0 Key type MAC 1 1 Key type DES&MAC Figure 4-2

Example: To protect an external authentication key using secure messaging (DES&MAC), it can change the key type from “39”to ”F9”.

7.3 MAC generation procedure MAC always is appended the last data field of command of response. The TimeCOS defined the length of MAC is 4 bytes. The procedure to generate MAC is as shown in following 6 steps: -

Step 1: Terminal sends a GET CHALLENGE command to the card to

request for a 4 bytes challenge code (random number). Pad 4 bytes of trailing 00s to the challenge code returned by the card. Use the result as the seed value (Sv).

Step 2: Follow the sequence to chain the data into a data block.

-CLA, INS, P1, P2, Lc+4, Data The lower nibble of CLA must be Hex 4 The command data field (if exists) contains plain data or encrypted data (for example: if the secure messaging applies, the encrypted data is put in the command data field during transmission).

- Response: Data (contain plain or encrypted) - Data defined by TimeCOS

Step 3: Divide the data block into several 8-byte data blocks and

identify as D1, D2, D3 etc.. The last data block can contain 1 to 8 bytes.

Step 4: If the last data block is 8 bytes, you still need to add Hex 8000 0000 0000 0000. Then go to step 5.


If the last data block is less than 8 bytes, it need add Hex 80. After the data block reaches 8 bytes then go to Step 5. If not, pad trailing 00s until the last block is exactly 8 bytes.

Step 5: Use the selected secret key to encrypt the data blocks. •••• If the secret key is 8 bytes, MAC generation procedure is as

Figure 4-3: - (due to the various length of the data generated during step3, the procedure may be more or less than tree steps).

•••• If the secret key is 16 bytes, MAC generation procedure is as Figure 4-4: - (due to the various length of the data generated during step3, the procedure may be more or less than tree steps).

Step 6: The 4 bytes MAC will be the left 4 bytes of the final results.

Figure 4-3 Calculate MAC by Single DES key

Seed Value (8 bytes)

XOR

D1

DES encryption (8 bytes secret key)

D2



XOR XOR

D3 Final results (8 bytes)


K1=left half of 16 bytes secret key (8 bytes) Kr= right half of 16 bytes secret key (8 bytes)

Figure 4-4. Calculate MAC by Triple DES

7.4 Data Encryption / Decryption procedure

7.4.1 Data encryption procedure Data encryption procedure is shown in following 5 steps: -

Step 1 : LD represents the length of plain text data. Add LD in the beginning the plain text data to generate the new data block.

Step 2 : Divide the data block formed in Step 1 into 8-byte blocks and

identify each of them as D1, D2, D3, D4 etc. The last data block may not be exactly 8 bytes.

Step 3 : If the last data block is exactly 8 bytes, go to Step 4.

If the last data block is less than 8 bytes, pad “80” (in hex) to the end of the data block. After the data block reaches 8 bytes, go to Step 4. If not, add additional 00s until the last block is exactly 8 bytes.

Step 4 : Use the relevant secret key to encrypt each data block.

• If the secret key is 8 bytes long, the encryption procedure is as Figure 4-5. • If the secret key is 16 bytes long, the encryption procedure is as Figure 4-6.

Seed Value (8 bytes)

XOR

D1

DES encryption by K1

D2

DES encryption by K1

DES encryption by k1

XOR XOR

D3

Final results (8 bytes)

DES encryption by kr

DES encryption by k1


Step 5 : Combine all the encrypted results (i.e. encrypted D1 + encrypted D2 + …) into a data block in the original sequence, then put the data block into the data field of command.

Figure 4-5 Data Encryption by Single DES

8 bytes data block in plain DN

DES encryption by left part of 16 bytes key Kl

DES encryption by left part of 16 bytes key Kl

DES decryption By right part of 16 bytes key Kr

8 bytes encrypted results DN

Kl = left half of 16 bytes secret key (8 bytes) Kr = right half of 16 bytes secret key (8 bytes) Figure 4-6 Data Encryption by Triple DES

8 bytes data block Dn


Encrypted result Dn (8 bytes)


7.4.2 Data Decryption procedure Data encryption procedure is shown in following steps: -

Step 1 : Divide the command data field into several 8-byte blocks and

identify each of them by D1, D2, D3 etc…

Step 2 : Decrypt each data block using the same secret key which was used to encrypt the data. • If the secret key is 8 bytes long, the encryption procedure is as Figure 4-7. • If the secret key is 16 bytes long, the encryption procedure is as Figure 4-8.

Step 3 : After completed the computation, all decrypted data is then chained together in the original sequence (according to decrypted D1 + decrypted D2 etc.) The data block now consists of LD, plain text and padded data.

Step 4 : Since LD indicates the length of plaintext, it is used to restore

the plain text.

Figure 4-7. Data Decryption by Single DES

8 bytes encrypted data block Dn

DES decryption (8 bytes secret key)

Decrypted data block Dn (8 bytes)


8 bytes encrypted data block DN

DES decryption By left part of 16 bytes key Kl

DES decryption By left part of 16 bytes key Kl

DES decryption By right part of 16 bytes key Kr

8 bytes decrypted results DN

Kl = left half of 16 bytes secret key (8 bytes) Kr = right half of 16 bytes secret key (8 bytes) Figure 4-8 Data Decryption by Triple DES

7.4.3 Session Key Session key is the single length key that generated from the variable data decrypted by the specific key. One specific session key is only effective in one transaction (e.g. debit and cash withdraw). Figure 4-9 describes the session key generation. The input data is 8 bytes, and please refer to specific command details for the input data. Figure 4-9. Session Key Generation

Single DES 8 bytes key

8 bytes session key

Input data

Single DES 16 bytes key

16 bytes session key

Input data


7.5 Command format for secure messaging Case 1 :- No data in the command data field and response data field.

For secure messaging :- CLA lower nibble must be “4”

Lc is the length of MAC (4 bytes) Case 2 :- Without command data field but with response data field

Without secure messaging:-

CLA INS P1 P2 Lc

With secure messaging:-

CLA INS P1 P2 Lc MAC Le

For secure messaging :- CLA lower nibble must be “4”

Lc is the length of MAC (4 bytes) Case 3 :- With command data field but without response data field.


CLA INS P1 P2 Lc Data


CLA INS P1 P2 Lc Data MAC

For secure messaging :-

CLA lower nibble must be “4” Lc is the length of data in the data field + MAC (4 bytes) Case 4 :- With command data field and response data field


CLA INS P1 P2 Lc Data Le


CLA INS P1 P2 Lc Data MAC Le

For secure messaging :-

CLA lower nibble must be “4”


CLA INS P1 P2


CLA INS P1 P2 Lc MAC


Lc is the length of data in the command data field + MAC (4 bytes) Le is the length of data in the response data field + MAC (4 bytes)

7.6 Application Examples

Command: UPDATE BINARY • Secure messaging method: DES & MAC • The Maintenance Key: 57415443484441544154696D65434F53 • Condition: File ID = 03 The space of File body = 8 bytes Set secure messaging during file creation. • Operation: Write data of 1122334455667788 into a binary file. Step1: - Get 4 bytes challenge code for generation MAC Command: 00 84 00 00 04 Response: 46 4E 84 AF 9000 Step2: - Write Binary file. Data to write: 11 22 33 44 55 66 77 88 Command: 04 D6 83 00 14 68 7E 0F 83 F6 A9 85 80 C4 01 5C EB 8D 00 F3 8B 1C AB E2 B9 Explanation: 68 7E 0F 83 F6 A9 85 80 C4 01 5C EB 8D 00 F3 8B is the encrypted result of 08 11 22 33 44 55 66 77 88 80 00 00 00 00 00 00 using the secret key. For the details of data encryption, please refer to “4.4.1 Data encryption”. 1C AB E2 B9 is the 4 bytes MAC generated by the secret key. Please refer to “4.3 MAC calculation”.

Response: 90 00


8 Command and Response

8.1 Typical Command and Response Format

The commands format presents by card terminal and response from card must be compliant to the following 4 cases: -

Case 1 :-

Command: CLA INS P1 P2 00

Response: SW1 SW2 Case 2 :-

Command: CLA INS P1 P2 Le

Response: Le = Number of Data bytes expected

SW1 SW2

Case 3 :-

Command: CLA INS P1 P2 Lc Data

Response: SW1 SW2 Case 4 :-

Command: CLA INS P1 P2 Lc Data Le

Response: Le = Number of Data bytes expected

SW1 SW2


8.2 Command Format TimeCOS command is consist of 4 bytes command header and command body: -

Header Body CLA INS P1 P2 Lc Data Le

8.2.1 Header Field The header field is mandatory and defined as follows: -

Field name

Length (byte)

Value (Hex)

Description

X0 ISO command without secure messaging CLA 1

X4 ISO command with secure messaging INS 1 XX Instruction code P1 1 XX Parameter 1 P2 1 XX Parameter 2

8.2.2 Body field The command body field is optional.

Lc No. of bytes in the command data field. Lc cannot exceed 178 bytes.

Data Command Parameters / Data. Le Expected length of response data.

Le = 00 means maximum response data length Le cannot exceed 178 bytes.

XX �� Hex value of 1 byte only XX XX �� Hex value for 2 bytes XXXX �� Hex value of unknown length

8.3 Response Format TimeCOS command is consist of data and status word: -

Body Status Word Response Data SW1 SW2

8.3.1 Response Data Field The Data field is optional.

8.3.2 Response Status Word The Status Word includes the two mandatory bytes i.e. SW1 and SW2.


8.4 Meaning of SW1 and SW2

The response Status Words indicate the condition of the command after execution; such as when the command is successfully executed, not properly executed and the reason for not executed.

The response message consists of 2 bytes. • Status Word 1 (SW1) is the command processing status; • Status Word 2 (SW2) is the command processing qualification.

SW1 SW2 Description 90 00 Command executed successfully without error 61 XX Command executed successfully without error

XX indicates length of response data (only for T=0) 62 81 Could be error in the response data 62 83 Invalid file selection, data or secret key failed checksum 63 Cx Incorrect PIN or external authentication submission.

x indicate the remaining attempts left. 64 00 No change in state indicator 65 81 Failed writing to EEPROM 67 00 Incorrect length 69 00 CLA and Line Protection mismatch 69 01 Invalid state 69 81 Command and file type mismatch 69 82 Security state not fulfilled 69 83 Secret key is blocked 69 85 Use condition not fulfilled 69 87 Missing data in security message 69 88 Incorrect data in security message 6A 80 Incorrect parameter in data field 6A 81 Operation not supported, or without MF or card is

invalidated. 6A 82 File not found 6A 83 Record not found 6A 84 No enough space in file 6A 86 Incorrect P1 or P2 parameter 6B 00 End of file reaches before Le/Lc is completed or offset

error 6C xx Le error 6E 00 Invalid CLA 6F 00 Invalid data 93 02 MAC error 93 03 Application has been locked 94 01 Inadequate cash value 94 03 Secret key not found 94 06 Required MAC cannot be used


Note :

[1] When SW1 high nibble is “9”, and low nibble not “0”, the meaning depends on the related application.

[2] When SW1 high nibble is “6”, and the low nibble is not “0”, the meaning has no relation with the application.


9 TimeCOS 2.9 Administration & Security Commands Set No. Command CLA INS Function description Compatibility 1 APPEND RECORD 00/04 E2 Append record ISO 2 DECREASE 80/84 30 Decrement cash value Proprietary 3 EXTERNAL

AUTHENTICATION 00 82 External

authentication ISO

4 GET CHALLENGE 00 84 Get challenge code from card

ISO

5 GET RESPONSE 00 C0 Get response data ISO 6 INCREASE 80/84 32 Increment cash value Proprietary 7 INTERNAL

AUTHENTICATION 00 88 Internal authentication ISO

8 READ BINARY 00/04 B0 Read binary file ISO 9 READ RECORD 00/04 B2 Read record ISO 10 SELECT 00 A4 Select files ISO 11 UNBLOCK 80 2C Unblock the

application blocked Proprietary

12 UPDATE BINARY 00/04 D6 Write binary file ISO 13 UPDATE RECORD 00/04 DC Write record ISO 14 VERIFY PIN 00/04 20 Verify PIN ISO 15 VERIFY/CHANGE

PIN 80 5E Verify and change the

PIN Proprietary

Table 9.1 Basic Command List of TimeCOS

9.1 Append Record

9.1.1 Description The APPEND RECORD command is for appending record to cyclic file and variable-length record file.

9.1.2 Note

��Append Record command is only applicable to Variable-length Record file & Cyclic file

��Command for record file: • Create File • Select File • Read Record • Update Record • Append Record


��This command is only executed when read record file right was fulfilled

��If the last cyclic record has been reached, then the append record will write the data into the first record. The record number of this new record is 1.

9.1.3 Command Format/Parameter

Code Designation Value (Hex) Byte/s CLA --- 00/04 1 INS --- E2 1 P1 --- 00 1 P2 Note 1 XX 1 Lc --- XX 1 DATA Data for writing XX...XX XX Le Not exist - -

Table 9.2 Command format and parameters

Note : -- Designation of P2 parameters:

P2 Designation b7 b6 b5 b4 b3 b2 b1 b0

Select file based on FID

Short FID 0 0 0

Select current file 0 0 0 0 0 0 0 0

Table 9.3

-- Lc is the number of bytes for writing. (1) If secure messaging applies,

Lc = length of data for writing + 4 bytes of MAC. (2) If encrypted secure messaging applies,

Lc = length of the encrypted data for writing + 4 bytes of MAC.

9.1.4 Command Data Field • The command data field contains the record for appending. • If secure messaging applies, it contains the record for appending and 4

byte of MAC. • If encrypted secure messaging applies, it contains the encrypted record for

appending and 4 bytes of MAC. • The key used for secure messaging is the Maintenances key.

9.1.5 Response Data Field Not exist.


9.1.6 Response Status Word The possible response code is:

SW1 SW2 Description 90 00 Command successful 65 81 Failed writing to EEPROM. 67 00 Incorrect length (Lc field is empty) 69 81 Cannot write if it is not a CRF or VLRF. 69 82 Access condition not fulfilled 6A 81 Function not supported (MF missing or blocked) 6A 82 File not found. 6A 83 Record not found. 6A 84 Insufficient space for writing (for VLRF only)

Table 9.4

9.1.7 Application Example [1] Variable-Length Record File (VLRF)

VLRF with FID = 0001 Write data = 11 22 33 44 55 66 77 88 99 AA BB CC The VLRF was created without secure messaging protection.

Step: - Append a record tagged as AA to the VLRF without using

secure messaging.

Command: - 00 E2 00 08 0E AA 0C 11 22 33 44 55 66 77 88 99 AA BB CC

Response: 9000 [2] Cyclic File

FID = 0001 RN=02 Length of Record = 06

The CRF was created without secure messaging protection. The CRF is current file

Operation: Append a record to the CRF without secure messaging protection

Command: 00 E2 0000 06 11 22 33 44 55 66 Response: 9000


9.2 Decrease

9.2.1 Description DECREASE command is to deduct from EPF with record length less than 8 bytes.

9.2.2 Note

��DECREASE command only works on common EPF.

��Command for E purse file: Create File Select File Increase/Decrease Read Record

��This command is only executed when the common EPF decrease right was fulfilled.

9.2.3 Command Format / Parameter

Code Designation Value (Hex)

Byte/s

CLA --- 80/84 1 INS --- 30 1 P1 --- 00 1 P2 Refer to explanation XX 1 Lc Record length of EPF XX 1 DATA Amount to be deducted XX...XX XX Le 00 1

Explanation: The P2 setting is as follows:

Designation P2 b7 b6 b5 b4 b3 b2 b1 b0 b4-b8 is the SFI X X X X X 1 0 0 Current file 0 0 0 0 0 1 0 0

9.2.4 Command Data Field • The data filed contains the cash amount to be deducted. • If secure messaging applies, the data contains the cash amount to be deducted and 4 bytes of MAC. • If encrypted secure messaging applies, the data field contains the encrypted cash amount and 4 bytes of MAC. • For secure messaging, the Maintenance key will be used.


9.2.5 Response Data Field Response data field consists of new balance in EPF (Lc bytes) and the deduction amount for this transaction (Lc bytes).

If secure messaging applies, it consists of new balance, deduction amount and additional 4 bytes MAC. If encrypted secure messaging applies, it consists of encrypted new balance, encrypted deducted amount and 4 bytes MAC.

9.2.6 Response Status Word The response status word could be: -

SW1 SW2 Description 90 00 Successful 61 XX Successful

XX indicates length of respond data field. Use GET RESPONSE to get the respond data (only for T=0)

65 81 Failed writing to EEPROM. 67 00 Lc and EPF length mismatch. 69 81 Not an EPF. 69 85 Deduction and top-up EPF access condition not

fulfilled. 69 87 Missing secure message. 6A 82 File not found. 93 02 Data error detected in secure messaging. 94 01 Insufficient cash.

9.2.7 Application Example: [1] Conditions: EPF with FID = 0003; The number of record =2

Length of record =4. Created without secure messaging protection.

Step 1: Deduct 2 dollar from the EPF. Command: 80 30 00 1C 04 0000 00 02 Response: 6108 Explanation: For T=0, 6108 indicates the length of response data. By using the GET RESPONSE command, it can get the response data. For reader of Watchdata reader can auto get the response data and therefore there is no need to send the GET RESPONSE command. Step 2: get response data Command: 00 C0 00 00 08 Response: 00 00 00 07 00 00 00 02 9000


Explanation: “0000 0007” is the new balance in the EPF.

“0000 0002” is the amount deducted for this transaction.

9.3 External Authentication

9.3.1 Description External Authentication key is complementary for External Authentication command.

9.3.2 Note This command can only be executed when the access condition for using external authentication key is fulfilled and the key is not blocked.

9.3.3 Command Format and Parameter


Byte/s

CLA --- 00 1 INS --- 82 1 P1 --- 00 1 P2 External authentication key

identifier XX

Lc --- 08 1 DATA Encrypted 8 bytes random

number XX...XX 8

Explanation:

Use the specified authentication key to decrypt the data in command field. Then the result is compared with the original random number.

��If it’s the same, then external authentication passes. Then the security status will be set to the following status and the reset the error counter.

��If it’s not the same, then external authentication fails. The number of error counter decreases one and the security status remains the same.

9.3.4 Command Data Field It contains 8 bytes of encrypted random number.



9.3.6 Response Status Word

SW1 SW2 Description 90 00 Successful 63 CX X remaining attempts left 67 00 Incorrect length 69 81 Not an external authenticate key 69 82 External authenticate key access right of use not fulfilled 69 83 Authentication (external authentication key) was blocked 6A 82 Key File not found 93 02 Error detected during secure messaging 94 03 Key not found

External Authentication process External Authentication is the process that card authenticates the external terminal. The process is as follows: Terminal Direction TimeCOS 2.9smart card Get 8 bytes random number

��==>==>==>==>

Card generates the challenge RNDicc

⇐⇐⇐⇐ <==<==<==<==

Send random number to terminal

Terminal encrypts the RNDicc using the Cardkey, which is the same as the external authentication key and get the encrypted D1. That is D1=DES (Cardkey,RNDicc)

Send D1 for external authentication

�� ==>==>==>==>

Card uses the specific external authentication key to decrypt D1 and get D2.Compare D2 with RNDicc

1) D2=DES-1(KID,D1) 2) D2? = RNDicc

⇐<==⇐<==⇐<==⇐<== Send the comparison result (SW1SW2) to terminal. If comparison is successful, set the value of the security state register equal to the following status


Explanation: 1. The terminal gets the random number RNDicc 2. The terminal uses the specific key to encrypt RNDicc by DES and generates

D1 3. The terminal sends the external authentication command to card and sends D1

00 82 00 kid 08 D1 4. After card receives D1, it uses the corresponding key to decrypt D1 by DES

and generates 8 bytes D2. The card compares RNDicc and D2. 5. If it’s the same, then external authentication passes. Then the security status

will be set to the following status and the reset the error counter. 6. If it’s not the same, then external authentication fails. The number of error

counter decreases one and the security status remains the same.

9.3.7 Application Example Conditions:

External authentication key ID = 01; Use access right = 0xF0; Change access right = 0xEF,

Attempts error counter = 0x33; Following status = 01; 16 bytes secret key = 57415443484441544154696D65434F53 [Step 1]

Get 8 bytes random number

Command: 00 84 00 00 08 Response: D3 89 BF 67 45 B9 35 50 9000

[Step 2]

Card terminal uses the secret key 57415443484441544154696D65434F53 (which is the same as the external authentication key) to encrypt the random number and the result is C1 8A 5B 4B 13 40 25 21.

[Step 3]

Card terminal sends the encrypted random number to the card to do external authentication.

Command: 00 82 00 00 08 C1 8A 5B 4B 13 40 25 21 Explanation: C1 8A 5B 4B 13 40 25 21 is the encrypted data from [Step 2] Response: 9000

Explanation: Since it’s successful, it sets the security status to be the following status 01.

9.4 Get response

9.4.1 Description GET RESPONSE command is to request the card to return the data in response to previous command.


You can only use this command to request for the response data when the current response is 61 XX, where XX is the number of data bytes expected to return by the card during previous command response.

Notes: Only applicable to T=0 transmission protocol.



Byte/s

CLA --- 00 1 INS --- C0 1 P1 --- 00 1 P2 --- 00 1 Le Length of expected response data XX 1

9.4.3 Command Data Field Not exist.

9.4.4 Response Data Field The response data length is determined by Le.

9.4.5 Response Status Word Response format:

Le bytes of data SW1

SW2

SW1 SW2 Description 90 00 Successful 67 00 Incorrect length (Le larger than the response data

length). 6F 00 Card does not have data to return.

9.4.6 Application Example [1] Conditions: - Suppose using a EPF with FID = 0001; Number of records of EPF = 2; Record length = 4 bytes; Step 1: - Top-up 1 dollar to the EPF. Command: - 80 32 00 0C 04 0000 0001

Response: - 6108 Explanation: - The meaning of “61 08” is they are 8 bytes data

waiting for sending. Step 2: - Get response data. Command: - 00 C0 00 00 08 Response: - 0000 0002 0000 0001 9000 Explanation: -“0000 0002” is the new balance. “0000 0001” is the top-up amount.


9.5 Get Challenge

9.5.1 Description GET CHALLENGE command requests a random number, which is used during secure process (e.g. secure messaging).



Byte/s

CLA --- 00 1 INS --- 84 1 P1 --- 00 1 P2 --- 00 1 Lc Not exist - - DATA Not exist - - Le Length of random number

expected 04/08 1

Table 1


9.5.4 Response Data Field It contains the challenge code with specified Le bytes.

9.5.6 Response Status Word SW1 SW2 Description 90 00 Successful 6A 81 Function not supported (MF missing or card has

been blocked) 67 00 Incorrect length

9.6 Increase

9.6.1 Description INCREASE command is for topping up value to EPF, which record length is less than 8 bytes.

9.6.2 Note • INCREASE is only applicable to common EPF • The following command is applied to the command EPF:

Create File Select File


Increase/Decrease Read Record

• This command can only be executed when the access right is fulfilled.



Byte/s

CLA Without secure messaging 80/84 1 INS --- 32 1 P1 --- 00 1 P2 Refer to explanation XX 1 Lc Record length of EPF XX 1 DATA Top-up amount XX...XX XX Le --- 00 1

Explanation: P2 is set as follows:

Designation P2 b7 b6 b5 b4 b3 b2 b1 b0 Select file by using FID

X X X X X 1 0 0

Select current file 0 0 0 0 0 1 0 0

Table 2

9.6.4 Command Data Field The data field contains the cash amount to top-up. If secure messaging is applied, the command data field is made of top-up amount and additional 4 bytes of MAC. If encrypted secure messaging is applied, the data field contains the encrypted top-up amount and additional 4 bytes of MAC. For data encryption by Maintenance key and MAC calculation, please refer to

“Secure Messaging”.

9.6.5 Response Data Field Response data field consists of new balance in EPF (Lc bytes) and the top-up amount (Lc bytes). If secure messaging is applied, it consists of new balance, top-up amount and additional 4 bytes of MAC. If encrypted secure messaging is applied, it consists of encrypted new balance, encrypted top-up amount and 4 bytes of MAC.


SW1 SW2 Description


90 00 Successful 61 XX Successful

XX indicates the length of response data. GET RESPONSE is the command to get response data. (Only for T=0)

62 83 File checksum error 67 00 Lc length is mismatch with EPF length 69 81 Not an EPF 69 85 Deduction and top-up EPF access condition not

fulfilled 6A 82 File not found 93 02 Secure messaging error 94 01 Cash overflow or current top up amount = 0

Table 6.13 Response status word of Increase command

9.7 Internal Authentication

9.7.1 Description Internal Authentication command authenticates card by the random number

fro the terminal and its own key.

9.7.2 Note This command can only be executed when the use of key access right is fulfilled.

9.7.3 Command Format / parameter


Byte/s

CLA --- 00 1 INS --- 88 1

Encryption 00 Decryption 01

P1

MAC calculation 02

1

P2 KID for DES key XX 1 Lc --- XX 1 DATA Authentication data XX...XX XX Le --- 00 1

Table 3

Explanation: If P1=00, it’s encryption process and the key type is the DES encryption key If P1=01, it’s decryption process and the key type is the DES decryption key

If P1=02, it’s MAC generation and the key type is DES&MAC key


9.7.4 Command Data Field It contains the authentication data for the application, which is result of DES calculation.

9.7.5 Response Data Field It contains the related authentication data, which is also the result of DES calculation.



XX indicates the length of response data. GET RESPONSE is the command to get response data. (only for T=0)

67 00 Incorrect length 69 81 Secret Key and DES function mismatch 69 82 Access condition not fulfilled 69 85 Use access right not fulfilled 6A 82 Key File not found 94 03 Secret key not found

Table 4 Explanation: If there is no matching responding key type, the card will return 9403, which means there is no correct key found.

9.7.7 Process of Internal Authentication Internal Authentication is to authenticate cards by external device. The process is follow as:

Terminal Direction Card Sent RNDifd for internal authentication

�� ⇐⇐⇐⇐

Card encrypted the RNDifd using the dedicated DES encrypted key and generated the result D1. D1=DES (KID, RNDifd) Send the D1 to terminal

Encrypt the RNDifd by Cardkey, which is the same key used by card for DES encryption. D2 is the generated result. Compare D2 with D1: 1) D2 = DES (CardKey, RNDifd) 2) D1? =D2


Explanation:

1. Terminal generates 8 bytes random number RNDifd by itself or gets it from PSAM card.

2. Terminal sends Internal Authentication to card and sends RNDifd 00 88 00 KID 08 RNDifd

3. Card receives RNDifd and it uses the corresponding key in the card to do DES encryption. 8 bytes D1 are then generated.

4. Card sends D1 to the terminal. 5. The terminal receives the authentication data D1 from the card, and it

uses corresponding key to do the DES encryption for random data RNDIFD. It then generates 8 bytes authentication data D2.

The terminal compares D1 and D2. If matching, the authentication is successful; otherwise, fail.

9.7.8 Application Example [1] KID = 01; Key type is DES encryption key

Use access right = 0xF0; Change access right = 0xEF;

Algorithm identifier = 01; Secret key version number = 01; Secret key (16 bytes) = “57415443484441544154696D65434F53” Data for encryption = “1122 3344 5566 7788”.

Step: Internal authentication or DES encryption

Command: 00 88 00 01 08 11 22 33 44 55 66 77 88 Response: 6108

For cards of T=0, 6108 indicates the length of data card returned. Command GET RESPONSE can get the returned data. WATCHDATA readers can auto get returned data without GET RESPONSE command.

Command: 00 C0 00 00 08 Response: 07 CB F6 15 E7 D7 2F 96 9000 Explanation:

07 CB F6 15 E7 D7 2F 96 is the results of internal authentication or the DES encryption function.

[2] KID = 01; Key type is DES decryption key

Use access right = 0xF0; Change access right = 0xEF; Algorithm identifier = 01;

Secret key version number = 01; Secret key (16 bytes) =“57415443484441544154696D65434F53”

data for decryption= “07 CB F6 15 E7 D7 2F 96” Step: Internal authentication or DES decryption process

Command: 00 88 01 01 08 07 CB F6 15 E7 D7 2F 96


Response: 6108 For cards of T=0, 6108 indicates the length of data card returned. Command GET RESPONSE can get the returned data. WATCHDATA readers can auto get returned data without GET RESPONSE command. Command: 00 C0 00 00 08 Response: 11 22 33 44 55 66 77 88

Explanation: 11 22 33 44 55 66 77 88 is the results of internal authentication or DES decryption.

[3] KID = 01; Key type is the DES&MAC Decryption Key Use access right = 0xF0;

Change access right = 0xEF; Algorithm identifier = 01;

Secret key version number = 01; 16 bytes Secret key = 57415443484441544154696D65434F53;

Data for MAC generation = 11 22 33 44 55 66 77 88 Step: Internal authentication or generate MAC

Command: 00 88 02 01 08 11 22 33 44 55 66 77 88 Response: 6104

For cards of T=0, 6104 indicates the length of data card returned. Command GET RESPONSE can get the returned data. WATCHDATA readers can auto get returned data without GET RESPONSE command. Command: 00 C0 00 00 04 Response: 87 56 E2 85 9000

Explanation: 87 56 E2 85 is the 4 byte MAC generated by the internal authentication process. The initial 8 bytes value for MAC generation = 0000000000000000

9.8 Read Binary

9.8.1 Description READ BINARY command is for reading full or partial contents of the binary file.

9.8.2 Note • Read Binary command is only applied to binary file • Commands for binary file are as follows:

Create file Select File Read Binary / Update Binary

• This command can only be executed if the read access right is fulfilled.




Byte/s

CLA --- 00/04 1 INS --- B0 1 P1 Refer to explanation XX 1 P2 Refer to explanation XX 1 Lc No exist (exception

CLA=04) - -

DATA No exist (while CLA=04, it includes MAC)

- -

Le Length of data to read XX 1

Table 5 Explanation:

• If the MSB of P1 is 100, the lower 5 bit will be the short FID and P2 will be the offset to read.

P1 P2 b7 b6 b5 b4 b3 b2 b1 b0 1 0 0 short FID Offset

• If the MSB of P1 is not 1 then P1 and P2 will be the offset to read and

the current file is the file to read.

P1 P2 b7 b6 b5 b4 b3 b2 b1 b0 0 Offset value

9.8.4 Command Data Field In general, the command data field is absent.

When secure messaging is applied, the command data field includes 4 bytes MAC. For the data encryption by Maintenance Key and MAC generation, please refer to “Secure Messaging”.

9.8.5 Response Data Field The response data field contains data that read out. If secure messaging is applied, the response data field consists of the read data and 4 bytes MAC. If encryption secure messaging is applied, the response data field consists of the encryption read data and 4 bytes MAC. Notes: Files can be read in clear text even if they are set as secure messaging or encrypted secure messaging. Please refer to “Create File” for more information.





67 00 Incorrect length 69 81 Not a binary file 69 82 Read access right not fulfilled 6A 81 Current function not supported (MF missing or

blocked) 6A 82 File not found 6C XX Incorrect Le 6B 00 Wrong parameter (offset address goes beyond the

EF size)

Table 6 Explanation:

• If the file checksum is incorrect, the card still sends the data out together with the warning status word SW1 SW2 = 6281. Once the file is written again, card will calculate a new checksum.

• To read a binary file, which does not have any data in it, it will return 6281 as well.

• For cards of T=0, if Le=00 or it goes beyond the EF size, the card will return the warning status word 6CXX to ask the Le be set as XX. Meanwhile, it reissues the command.

9.8.7 Application Example [1] File type: Binary file

FID = 0005; File body size = 8 bytes; Step:

Read data starting from the offset 00 until the end of file with no secure messaging protection.

Command: 00 B0 85 00 00 Response: 6C08

Explanation: For cards of T=0, 6C08 means it is required that the terminal resends previous command header with Le = 08

Command: 00 B0 85 00 08 Response: 11 22 33 44 55 66 77 88 9000


9.9 Read Record

9.9.1 Description READ RECORD command is for reading content of Fixed-Length Record, Cyclic Record, Electronic Purse File and Variable-Length Record files. The response consists returned record.

9.9.2 Note • Read Record command is applied on Fixed-Length Record, Cyclic Record,

Electronic Purse File and Variable-Length Record files • Commands for Record file are:

Create File Select File Read Record Update Record Append Record

• The command is only applicable when the read access right is fulfilled.



Byte/s

CLA --- 00/04 1 INS --- B2 1 P1 Refer to explanation XX 1 P2 Refer to explanation XX 1 Lc Not exist (exception when

CLA=04) - -

DATA Not exist (exception when CLA=04)

- -

Le Length of data to read XX 1

Table 7

Explanation: Designation for P1:

Type Designation for P1 FLRF Record number - If the file has N records, then the record

number can be any value of 1 to N. VLRF Record number - If the file has N records then the record

number can be any value of 1 to N. Record tag - It is read by record tag, the LSB 3 bit of P2 must be 000.

CRF Record number - The latest record to be written is RN 1, the previous updated record is RN 2 and etc.

EPF Record number - The latest record to be written is RN 1, the previous updated record is RN 2 and etc.

Designation for P2 is as follows:


Designation for P2 Explanation B7 b6 b5 b4 b3 b2 b1 b0 Read current file 0 0 0 0 0 - - - SFI X X X X X - - - According to record number, read the record indicated by P1

- - - - - 1 0 0

According to record number, read from the record indicated by P1 to the last record

- - - - - 1 0 1

According to record number, read from the last record to the record indicated by P1

- - - - - 1 1 0

According to record tag indicated by P1, read the first matching record

- - - - - 0 0 0

According to record tag indicated by P1, read the last matching record

- - - - - 0 0 1

Read the next record after the record which record tag is P1

- - - - - 0 1 0

Read the next record before the record which record tag is P1

- - - - - 0 1 1

Notes: X X X X X stands for SFI; - - - - - - represents the 00000 or SFI

9.9.4 Command Data Field Not exist

9.9.5 Response Data Field Response data field contains the record data to read



XX indicates the length of response data. Command GET RESPONSE is applied to fetch the data (only for T=0)

67 00 Incorrect length


69 81 Command and file structure mismatch 69 82 Read condition not fulfill 6A 81 Current function not support (MF missing or

blocked) 6A 82 File not found 6C XX Incorrect Le 6A 83 Record not found

Note: If CLA=04, Le is ignored and the whole record will be returned. If CLA=00, when Le is not equal to the record length, it returns the warning status code 6CXX to request Le to be set as XX. Meanwhile, it requests the command to be reissued.

9.9.7 Application Example [1] File type: FLRF

FID = 0001; Number of records = 3; Record length = 12 bytes; The file was created without secure messaging protection Step: Retrieve the record with RN 02 contained in the FLRF. Command: 00 B2 02 0C 00 Response: 6C0C Explanation:

For the card of T=0, 6C0C requests the terminal to send the command header again with Le=12

Command: 00 B2 02 0C 0C Response: 01 02 03 04 05 06 07 08 09 0A 0B 0C 9000 Explanation: 01 02 03 04 05 06 07 08 09 0A 0B 0C is the context of the RN 02

[2] File type: CRF

FID = 0003; Number of records = 3; Record length = 12 bytes; The file was created without secure messaging protection Step: Retrieve the record of RN 01, which is the latest updated record.

Command: 00 B2 01 1C 00 Response: 6C0C Explanation:

For the card of T=0, 6C0C requests the terminal to resend the command header with Le=12

Command: 00 B2 01 1C 0C Response: 01 02 03 04 05 06 07 08 09 0A 0B 0C 9000 Explanation: 01 02 03 04 05 06 07 08 09 0A 0B 0C is the contexts of the record with RN 01


[3] File type: VLRF

FID = 0007; The file was created without secure messaging protection Step: Read VLRF based on the record tag = AA; Command: 00 B2 AA 38 00 Explanation: Since read is based on record tag, LSB 3 bit of P2 must be “000”.

Response: 6C03 Explanation:

For cards of T=0, 6C03 requests the terminal to resend a command header with Le=03

Command: 00 B2 AA 38 03 Response: AA 01 11 9000 Explanation: The record retrieved is in TLV format. AA is the record tag, 01 is the data length and 11 is the data from the record. [4] File type: EPF

FID = 0004 The EPF has 2 records Record length = 4 bytes

The file was created without secure messaging protection Step: Retrieve the record of RN 01, which is the latest updated record. Command: 00 B2 01 24 00

Response: 6C04 Explanation:

For the card of T=0, 6C04 requests the terminal to resend a command header with Le=4

Command: 00 B2 01 24 04 Response: 0000 0001 9000 Explanation: 0000 0001 is the balance in the EPF

9.10 Select File

9.10.1 Description SELECT command uses the filename, FID or next application to select MF/DF (ADF, DDF). The response data field from the card contains File Control Information (FCI).

9.10.2 Note • If select MF is successful, the secure register of MF will be reset to 0. • If select DF under MF is successful, the secure register of DF will be reset to 0

and the secure register of MF remain unchanged.




Byte/s

CLA -- 00 1 INS -- A4 1 P1 Refer to explanation 00/04 1 P2 Refer to explanation 00/02 1 Lc -- XX 1 DATA FID or DF name XX...XX XX Le For DF, it’s the auto

returned max length of FCI

00 1

Explanation:

P1 = 00 Selection is based on FID (P2 must be 0). It can select: - EF or son-DF under the current DF - DF, which is the same level of the current DF P1 = 04 Select by DF filename, which has two cases: - P2=00, indicates the first or only one - P2=02, indicates the next one

This method is also applicable to DF Under all circumstances, FID = 3F00 or filename 1PAY.SYS.DDF01 can be used to select the MF.

9.10.4 Command Data Field It is empty or contains FID or DF filename.

9.10.5 Response Data Field It contains FCI of the selected ADF or DDF as defined in following tables:

Table 9.21 FCI when the DDF is successfully selected:

FCI Designation Present 6F File control information template Always 84 DF name Always A5 FCI Proprietary data Always 88 SFI of the directory elementary file Always

Table 9.21

Table 9.22 FCI when the ADF is successfully selected:

FCI Designation Present 6F File control information template Always 84 DF filename Always A5 FCI Proprietary data Optional 9F0C FCI Issuer Discretionary Data Optional


9.10.6 Response Data Field



67 00 Incorrect length 6A 81 Function not supported (MF missing or card has

been blocked) 6A 82 File not found 6A 86 Incorrect P1 / P2 parameter

9.10.7 Application Example To select a directory which compliant to banking standard. [Step 1] Conditions: Select a file with FID = 01 under MF

Command: 00 A4 00 00 02 3F00 Response: 6117 Explanation: For cards of T=0, 6117 indicates the length of data will be sent by card. Get Response command can be used to fetch the data. For WATCHDATA reader, it can auto return the response data. Therefore no GET Response command is requested.

Command: 00 C0 00 00 17 Response: 6F 15 840E 3150 4159 2E53 5953 2E44 4446 3031 A503 8801 01 9000 Explanation:

The returned data is in TLV format. - 6F is the record tag for the FCI template.

- 15 is the record length for the FCI template (excluding Tag and Length). - 84 0E 31 50 41 59 2E 53 59 53 2E 44 44 46 30 31 A5 03 88 01 01 is the 21 bytes record.

- 84 is the record tag for DF filename. - 0E is the DF filename length (excluding Tag and Length)

- 31 50 41 59 2E 53 59 53 2E 44 44 46 30 31 is 14 bytes record data, that is MF file name 1PAY.SYS.DDF01.

- A5 is the record tag for the dedicated FCI template. - 03 is the record length for the dedicated FCI template (excluding Tag and Length).

- 88 01 01 is 3 bytes record data. - 88 is the record tag for DIR SFI.

- 01 is the data length - 01 is the record data, which is the SFI for EF (DIR).

[Step 2] Condition: DIR is a VLRF.


Step: To retrieve the first record in the EF (DIR); Command: 00 B2 01 0C 00

Response: 6C15 Explanation: For cards of T=0, 6C15 requests the terminal to resend a command header with Le=0x15 Command: 00 B2 01 0C 15

Response: 70 13 61 11 4F 09 A000 0000 0386 9807 0150 04 50 42 4F 43 9000 Explanation: The returned information is in TLV format.

- 70 is the tag of variable length record. - 13 is the data length of variable length record. - 61 is the entry tag for ADF application directory - 15 is the data length - 4F is the record tag of ADF filename for the banking application. - 09 is data length of ADF filename for the banking application (excluding Tag and Length). - A0 00 00 00 03 86 98 07 01 is 9 bytes record data, which is the

ADF filename for the banking application. - 50 is the application label - 04 is the data length of the application label - 50 42 4F 43 67 is the data

[step 3] Conditions: When creating the ADF for banking application. The ADF must have a card issuer dedicated data file with SFI = 0x95

ADF file name is A000 0000 0386 9807 01 Step: Select the ADF Command: 00 A4 04 00 09 A000 0000 03 86 9807 01 Response: 6130 Explanation: For cards of T=0, 6130 indicates the length of data will be resent by card. Send Get Response command to fetch the data. For WATCHDATA reader, it can auto return the response data. Therefore, the GET Response command is not required. Command: 00 C0 00 00 30 Response: 6F 2E 84 09 A0 00 00 00 03 86 98 07 01 A5 21 9F 0C 1E 11 11 22 22 33 33 00 06 03 01 00 06 19 98 08 17 00 00 00 30 19 98 08 15 19 98 12 31 55 66 9000

Explanation: The returned information is in TLV format. - 6F is the record tag for the FCI template. - 2E is the record length for the FCI template (excluding

Tag and Length). - Followed by 44 bytes of record data (underlined) - 84 is the record tag for DF filename. - 09 is the record length for the DF filename

(excluding Tag and Length). - A0 00 00 00 03 86 98 07 01” is the 9 bytes record data for the DDF filename.

- A5 is the record tag for the FCI dedicated data file.


- 21 is the record length for the FCI dedicated data file (excluding Tag and Length).

- 9F 0C is the record tag of FCI for card issuer defined data. - Followed by 30 bytes of record data, which is contents of

the binary file with FID = 0015.

9.10.8 Select MF while at father-DF or son-DF Command Format /Parameter

CLA INS P1 P2 Lc DATA 00 A4 00 00 02 3F 00

MF will become the current directory after successful selection. The current security state register will be updated to be the same value as the security state of MF. SELECT command can select the file by the filename 1PAY.SYS.DDF01 as well.

9.10.9 To select file within the same DF or son-DF using File Identifier Command Format / Parameter

CLA INS P1 P2 Lc DATA 00 A4 00 00 02 SFI

If the selected file is son-DF, the select son-DF will be the current directory.

The security state register will be set to 0 If the selected file is EF, this file will become the current selected file. The security state will remain unchanged.

9.10.10 Select DF using DF filename Command Format / Parameter

CLA INS P1 P2 Lc DATA 00 A4 00 00 02 DF file name

Lc is the length of DF filename

The current security state register will become 0 when this command is successfully executed.


9.11 Unblock

9.11.1 Description UNBLOCK command is to unblock the 8 byte PIN which has been blocked.

9.11.2 Note This command can only be executed when the access condition for UNBLOCK PIN is fulfilled and the UNBLOCK PIN must not be blocked. Executing this command will not update the value of the security state register.

When the Unblock PIN verification is successful, the new PIN value will replace the original PIN (which has been blocked) as specified by the UNBLOCK PIN command. Both PIN and UNBLOCK PIN attempts error counter will be initialized to maximum tries.

If UNBLOCK PIN verification fails, the UNBLOCK PIN remaining attempts counter will decrement by 1. For instance, after N fail verification, the attempts error counter will reach 0 and the Unblock PIN will be blocked. A card will be invalid (permanently blocked) if it is blocked.



Byte/s

CLA --- 80 1 INS --- 2C 1 P1 --- 00 1 P2 FID for the Unblock PIN XX 1 Lc Length of command data

field 10 1

DATA Unblock PIN + New PIN XX...XX 16 Le -- -- --

When the Unblock PIN verification is successful, the new PIN value will replace the original PIN (which has been blocked) as specified by the UNBLOCK PIN command. Both PIN and UNBLOCK PIN attempts error counter will be initialized to maximum tries.

If UNBLOCK PIN presentation fails, the UNBLOCK PIN remaining attempts counter will decrease by 1. For instance, after N false presentation, the attempts error counter will reach 0 and the Unblock PIN will be blocked. A card will be invalid (permanently blocked) if it is blocked.


9.11.4 Command Data Field The data field consists of 8 bytes Unblock PIN and 8 bytes of new PIN.



Please refer to the table below for the possible response status words:

SW1 SW2 Description 90 00 Command executed successfully without error 69 82 Secret key use condition not fulfilled 69 83 Unblock PIN is blocked 6A 83 Key not found 6A 86 Incorrect P1 P2 parameter

Table 9.25 Response Status word for Unblock

9.11.7 Application Example [step 1] Conditions :- Suppose Unblock PIN with KID = 06;

Use access right = F0; Change access right = EF;

Attempts error counter = 33; The KID for the PIN which has been blocked = 05;

The 8 bytes Unblock PIN = 1122 3344 5566 7788; Created without secure messaging protection. Step :- Unblock the PIN with KID = 05.

Without using secure messaging protection.

Command :- 00 2C 00 06 10 11 22 33 44 55 66 77 88 01 02 03 04 05 06 07 08

Explanation :- 11 22 33 44 55 66 77 88 is the 8 bytes Unblock PIN. 01 02 03 04 05 06 07 08 is the 8 bytes new PIN.


9.12 Update binary

9.12.1 Description

UPDATE BINARY command is for updating binaries in a binary file.

9.12.2 Note • Update Binary is only for Binary File • Commands for the Binary File

- Create File - Select File - Read Binary/ Update Binary

��This command can only be executed only when have the write Access Right fulfilled.



Byte/s

CLA - 00/04 1 INS - D6 1 P1 Please see the notes below XX 1 P2 Please see the notes below XX 1 Lc - XX 1 DATA Data to be written to file XX...XX XX Le - - Not exist

Table 9.26 Command Format for Update Binary Explanation: • If the MSB of P1 is 100, the lower 5 bit will be the short FID and P2 will be the offset value.

P1 b7 b6 b5 b4 b3 b2 b1 b0

P2

1 0 0 short FID Offset value • If the MSB of P1 is not 1 then P1 and P2 will be the offset value for currently selected file.

P1 b7 b6 b5 b4 b3 b2 b1 b0

P2

0 Offset value Offset value • Le is the number of bytes to write.

��If secure messaging applies, Lc will be the total length of data for writing and 4 bytes MAC.

��If encrypted secure messaging applies, Lc will be the total length of encrypted data for writing and 4 bytes of MAC.


9.12.4 Command Data Field Command data field includes the new data for writing. If secure messaging applies, the command data field consists of 4 bytes MAC. If encrypted secure messaging applies, the command data field consists of encrypted data and 4 bytes of MAC. For the key used to encrypt message and MAC calculation, please refer to “4. Secure Messaging”.



The possible response status is illustrated below:

SW1 SW2 Description 90 00 Command executed successfully without error 67 00 Incorrect length (Lc field is empty). 69 81 Cannot write if not a binary file or FAC secret

key file 69 82 Write condition not fulfilled 69 87 Without security data field 6A 81 Current function not supported (MF missing or

blocked) 6A 82 File not found 6B 00 Parameter error (Offset address may have

exceeded EF size) Table 9.27 Status Word for Update Binary

9.12.7 Application Example [1] Conditions :- Suppose a binary file with FID = 0005; File body size = 8 bytes; Created without secure messaging protection.

Action: To write a binary file Command :- 00 D6 85 00 08 11 22 33 44 55 66 7 88 Response: 9000


9.13 Update Record

9.13.1 Description UPDATE RECORD command is for appending record or modifying specified record.

For Fix-length record file, if the specified record number does not exist, Update Record command appends an extra record from the last record. If the specified record tag does not exist, the Update Record command appends an extra record. For cyclic record file, if the “last record” option is specified, Update Record command actually appends a new record.

9.13.2 Note UPDATE RECORD command is for writing fixed-length record file, variable-length record file and cyclic record file. Commands applicable for Record file are shown below:

- Create File - Select File - Read Record - Update Record - Append Record

Update record command can only be executed when the write Access Right is fulfilled. For the Variable-Length Record File, the length of new record must be the same as the original record; else the command is void.


Code Designation Value (Hex) Byte/s CLA - 00/04 1 INS --- DC 1 P1 Record number or Record Tag (00

is the current record) XX 1

P2 Please refer to explanation below XX 1 Lc Data length XX 1 DATA Record data to append or to replace

the current record data XX...XX XX

Le - - Not exist Table 9.28 Command Format for Update Record


Explanation: • P2 Parameter b7 b6 b5 b4 b3 b2 b1 b0 Description 0 0 0 0 0 - - - Current EF file X x x x x - - - SFI 1 1 1 1 1 - - - RFU - - - - - 1 x x Record Number in P1 is applicable - - - - - 1 0 0 P1 is the Record Number - - - - - 0 x x Record Tag in P1 is applicable - - - - - 0 0 0 The first record matches the Record Tag

indicated in P1 - - - - - 0 0 1 The last record matches the Record Tag

indicated in P1 - - - - - 0 1 0 The next record from the record tag

indicated by P1 - - - - - 0 1 1 The last record from the record tag

indicated by P1

Note: x x x x x stands for the Short File Identity (SFI); - - - - - stands for all 0 or Short File Identity Note: 1. Only P1 = 00 & P2 = 03 can be used to append a new record to cyclic record file. 2. When P1<>00 and P2 = 04, it appends record if P1 equals to the existing Maximum Record Number + 1.

9.13.4 Command Data Field The command data field consists of the record data to append or to replace the original data.


9.13.6 Response Status Word The possible Status words returned is shown as follows:

SW1 SW2 Description 90 00 Command executed successfully without error 67 00 Incorrect length. 69 81 The current file is not fixed length or variable-

length record file 69 82 Write access right is not fulfilled 6A 81 Current function is not supported (MF missing or

blocked).


6A 82 File is not found 6A 83 Record is not found 6A 84 Insufficient space for writing

9.13.7 Application Example [1] Conditions : Fixed-length Record File

FID = 0002; Record number = 3; Record length = 12 bytes; Created without secure messaging protection.

Command :- 00 DC 01 14 0C 01 02 03 04 05 06 07 08 09 0A 0B 0C

Explanation :- “01 02 03 04 05 06 07 08 09 0A 0B 0C” is the data for writing.

[2] Conditions : Variable-length Record File

FID = 0001; Created without secure messaging protection.

[Action 1]:- Create a new record in the VLRF; with record tag = AA. Without secure messaging protection.

Command :- 00 DC 00 0A 04 AA 02 11 22 Response: 9000

[Action 2] :- Change the content of Record Tag AA and change the record tag to CC at the same time. Without using secure messaging protection.

Command :- 00 DC AA 08 04 CC 02 33 44

Response: 9000

[3] Conditions : a Cyclic Record File FID = 0003; Record number = 2; Record Length = 12 bytes; Created without secure messaging protection.

Action :- To append a record to the CRF, with no secure messaging protection.

Command :- 00 DC 00 03 0C 11 22 33 44 55 66 77 88 99 AA BB CC Response: 9000


9.14 Verify PIN

9.14.1 Description PIN VERIFY command is to verify the correctness of PIN presented in the command data field.

9.14.2 Note ��This command can only be executed when the access condition is fulfilled. ��If the last few values of the PIN is consecutive FF, these FF value can be

ignored in verification. If the PIN values are all FF, then at least one FF must be inputted.

9.14.3 Command Format / Parameter Code Designation Value (Hex) Byte/s CLA - 00/04 1 INS --- 20 1 P1 --- 00 1 P2 PIN identifier (Note 1) XX 1 Lc PIN Length 02 - 08 1 DATA External PIN input XX...XX 2 – 8 Le Not exist - -

Table 6.31Command Format for Verify PIN Explanation:

If the PIN verification is successful, the security state register will be set to the following status of that PIN. At the same time, the PIN attempts error counter will be initialized. If the PIN verification is not successful, the remaining attempts will decrease by 1. If the Unblock PIN is blocked, PIN VERIFY command is void. If the PIN is exactly 8 bytes long, UNBLOCK key can be used to unblock the blocked PIN.

9.14.4 Command Data Field The command data field contains the PIN presented by the cardholder. If secure messaging is applied, it contains the PIN and 4 bytes of MAC. If encrypted secure messaging is applied, it contains the encrypted PIN and 4 bytes of MAC. For the details of key decryption and encryption and MAC calculation, please refer to “4. Secure Messaging”.




If the inputted PIN is not the same as the one saved in the card, ��It returns SE2 = CX, X means the number of available retry time ��If it returns SW2 = C0, it means no more try for PIN verification. If PIN

verification is presented, it returns failure status word SW1 SW2 = 6983 The possible status words returned is shown as follows:

SW1 SW2 Description 90 00 Command executed successfully without error 63 CX x = remaining attempts left. 62 83 Verification error 67 00 Incorrect length. 69 81 Not a PIN 69 82 Use access right not fulfilled. 69 83 Verification PIN was blocked. 6A 82 Key File does not find. 93 02 Secure messaging error 94 03 Secret key not found

Table 9.32 Status Word for Verify PIN


9.15 Verify & Change PIN

9.15.1 Description Verify & Change PIN is used to verify and further change the 8 bytes PIN.

9.15.2 Note When the Access Right is fulfilled, Verify & Change PIN is used to verify and further change the 8 bytes PIN.



Byte/s

CLA --- 80/84 1 INS --- 24 1 P1 --- 00 1 P2 PIN Identifier XX 1 Lc --- 10 1 DATA 8 bytes old PIN + 8 bytes

new PIN XX…XX 16

Le Not exist - - Note:

If the PIN verification is successful, the security state register will be set to the following status of that PIN. The old PIN is then replaced by new PIN and PIN attempts error counter is initialised.

If the verification is not successful, the number of attempts is decreased by 1. However, the PIN value does not change.

9.15.4 Command Data Field Command Data Field consists of 8 bytes old PIN and 8 bytes of new PIN. If secure messaging is applied, it consists of 8 bytes old PIN, 8 bytes of new PIN and 4 bytes MAC value. If encrypted secure messaging is applied, it consists of encrypted 8 bytes old PIN, 8 bytes of new PIN and 4 bytes MAC value. For the details of key decryption and encryption and MAC calculation, please refer to “4. Secure Messaging”.



9.15.6 Response Status Word The possible status words returned is shown as follows:

SW1 SW2 Description 90 00 Command executed successfully without error 63 CX X = Remaining trials 6A 82 Key File not found 6A 86 P1 P2 not correct 93 02 Data in secure messaging is not correct 93 03 Application is blocked permanently 94 03 Secret key not found.

Table 9.34 Status for Verify & Change PIN


9. 16 Create File

9.16.1 Description Create File command is used to create the file structure.

9.16.2 Note ��DF and EF can only be created when the create Right is fulfilled for the

current DF. ��There is only one Key File under each DF. This Key File must be created first

before any other files. ��When the current DF is erased, file creation and accessing is free and not

restricted by the Access Right. However, when DF is accessed again after leaving, it must follow the corresponding Access Right.

��Directory file cannot be auto-selected after creation (MF exclusive). Therefore, Select File command must be applied.



Byte/s

CLA --- 80 1 INS --- E0 1 P1P2 FID XXXX 2 Lc --- XX 1 DATA File Control Information

(and DF name) XX..XX XX

Table 9.35 Command Format for Create File (Method 1) Note: The File ID for MF must be 3F00 and 000 for Key file


Byte/s

CLA --- 80 1 INS --- E0 1 P1P2 --- 0000 2 Lc Data length 1B 1 FID 0002 for purse file

0001 for passbook XXXX 2

DATA File Control Information XXXX XX Le Not exist - -

Table 9.36 Command Format to Create a Purse or Passbook (method 2)


9.16.4 Command Data Field For the Access Right that specified in the command data field, please refer to “TimeCOS Security System”.

9.16.4.1 MF P1 P2 is set to 3F00 Data File

Type Space Create

Right Erase Right

8 byte Transportation Code

Length (byte) 1 2 1 1 8 Value (HEX) 38 FFFF XX XX FFFFFFFFFFFFFFFF

Table 9.37 FCI of MF

9.16.4.2 DF Data File

Type Space Create

Right Erase Right

RFU DF Name

Length (byte)

1 2 1 1 3 5 - 16

Value (HEX)

38 XXXX XX XX FFFFFF DF name

Table 9.38 FCI of DF

9.16.4.3 EF File Type B1 B2 B3 B4 B5 B6 B7 Binary File

28 File Space Read Right

Write Right

FF KID, refer to Note[2]

Fix Length Record File

2A 2<=Record no.<=254

Record length <= 178

Read Right

Write Right


Cyclic Record File

2E 2<=Record no.<=254

Record length <= 178

Read Right

Write Right


Purse File 2F 2<=Record no.<=254

Record length <= 8

Read /Debit Right

Credit Right


E-passbook \ purse (compatible to 2.8)

2F Record No. = 2

Record Length = 8

Read Balance/ Debit Right

Overdue/ Withdraw Right

FF SFI for the transaction file

Space = all the record length +1 byte Checksum (calculated by COS)

Variable-length Record File

2C

Each Record length = Record length + 1 byte Checksum (calculated by COS)

Read Right

Write Right



Key File 3F Space = total key length + 5 reserved bytes For the calculation on each record, please refer to Note[4]

SFI for current DF. Refer to Note[4]

Create Right

FF FF

Table 9.39 FCI of EF

FID RFU File Type

File Space (Cyclic Record File)

SFI RFU

Read Right

Modify Right

RFU

Credit Right

Debit Right

RFU

Remaining Limit

Overdue Limit

RFU

0001 Passbook 0002 Purse

0000 2F Rec No. = 02

Rec Len = 08

Note[1]

FF

00

00

Note[5] Note[6] 8’s 00

Table 9.40 FCI of e-Purse/Passbook Note:

1. SFI is a one byte value, the definition is as follows: B7 To return control information: 1 Not return 0 return B6 To write transaction details: 1 Not write 0 Write (only effective to e-purse

file. Transaction details are always updated for passbook)

B5 To allow Debit, Withdraw, Overdue limit: 1 Allow 0 Not allow B4 B3 B2 B1 B0

SFI for the current file

2. For the file that protected by the Secure Messaging, the corresponding secure

method must be applied when write. 3. If the features of e-purse debit, withdraw and overdue limit are supported, the

following transaction type must be added:

Value Definition 0B Debit on e-purse file 0C Withdraw from e-purse file 0D Change the overdue limit of the purse file

Table9.41 Extended Transaction Type 4. If features of debit, withdraw and overdue limit are supported, the

corresponding command is applied with P2 set to 02. 5. The remaining limit means the remaining value should not exceed this value

when crediting (If no limit is set, set FFFFFFFF for e-passbook and 00FFFFFF for purse file)


6. If command from version 2.8 is applied to create e-purse file, this purse file

dose not support updating transaction, debit, withdraw, overdue limit feature. Note: [1] For Binary file, Fix-length Record File, Variable-length Record File, Cyclic file (except Key File), secure messaging can be applied. To enable the secure messaging, two MBS of file type are set during file creation. Byte 1 (File Type) is set as follows: B7 B6 B5 B4 B3 B2 B1 B0 Secure

Messaging 0 0 File Type None 1 0 File Type MAC 1 1 File Type DES &

MAC For example, File type will be changed from 28 to A8 for secure messaging. [2] Note for KID Byte 7 is defined as follows: B7 File effectiveness 1 File effective

0 File not effective (usually not applied) B6 File Write Position 1 EEPROM, that is the current 32K

0 expanded EEROM, that is the space out of 32K B5 Atomic Protection 1 Yes

2 No B4 Read Method 1 Plain Text

0 Encrypted Text B3 B2

Invert 2 bit for reading KID

B1

Invert 2 bit for writing KID

Table 9.42 Explanation on KID Note: To TimeCOS, the 32K and expanded space is separately managed. Each file consists of file header and body, while ll the file headers are located in the 32k. For the file body, it all locates in 32K or all in the expanded separately 32K. Only binary file can be created in the expanded space, and the space must not greater than 32k. [3] e-passbook/purse file It is compatible to commands from TimeCOS 2.8. Note: FID for e-passbook must be 0001; FID for purse file must be 0002


[4] KEY File Note: SFI for Key file must be 0000 a. Each record length = 1byte TAG + 1byte length + 5 bytes key header + key

length T and L bytes are maintained by COS Note: For Key file under MF, Record length = 1 byte TAG + 1byte length + 1 byte Key type T and L bytes are maintained by COS

b. SFI for DF SFI for DF is illustrated as follows: B7 B6 B5 B4 B3 B2 B1 B0 Description 0 0 0 x x x x x If the current DF is DDF, the lowest 5

bits of LBS is the SFI 1 0 0 x x x x x If the current DF is ADF, the lowest

5bits of LBS is the SFI for the issuer 1 1 0 x x x x x It includes the SFI for A5 module of

current DF 1 1 1 1 1 1 1 1 RFU Table 9.42 SFI for DF Note: A5 is the record tag for File Control Information

9.16.5 Response data Field Not exist.

9.16.6 Response Status Word The possible status words are as follows:

SW1 SW2 Description 90 00 Command executed successfully without error 67 00 Wrong length 69 82 Create Right not filfilled 6A 80 Record number is less than 2 or number of

directory is greater than 3 6A 84 Not enough space 6A 86 File already exists

9.16.7 Application Example

1. To create a binary file with File ID = 0015, Length = 8 bytes. Free to read and write

Read & write only for the first 32K with encrypted secure messaging. A key with Key ID = 0 is used to encrypt the message Command: 80E0001507280008F0F0FFEF


Return: 9000 2. To create a purse file, with FID = 0002, file type = 2F. It allows updating

transaction, debit, getting cash and changing overdue limit. Credit Right = F0, Debit Right = F0. Limit = FFFFFF

Command: 80E000001E000200002F0208E2FFF0F000F0F000FFFFFFFFFFFFFF0000000000000000 File 0018 is the default transaction file Return: 9000


9.17 Erase File

9.17.1 Description ERASE DF command is to erase all files under the selected DF

9.17.2 Note ��When fulfill the erase right for the MF, this command can erase all DF and EF

under MF. However, MF information of the access right and space do not change (that is it doesn’t change MF header). MF name doesn’t change too.

��When there is no files under MF, it’s free to erase MF with no restriction of access right

��After MF has been erased, it’s free to create and read/write file with no access right restriction. However, when the MF is accessed again, access right is applied.

9.17.3 Command Format / Parameter Code Designation Value

(Hex) Byte/s

CLA --- 80 1 INS --- 0E 1 P1 --- 00 1 P2 --- 00 1 Lc --- 00 1 DATA Not exist - - Le Not exist - -



9.17.6 Response Status Word The possible status words returned is as follows: SW1 SW2 Description 90 00 Command executed successfully without error 65 81 Failed writing to EEPROM. 69 82 Erase access right not fulfilled. 6A 81 Error message when the command is used to

erase file


9.18 Erase EF/DF

9.18.1 Description Erase EF/DF is used to erase the EF/DF specified by P1P2. The corresponding access right and space information (including header and file name) are erased. With file erase, the memory is re-allocated. This command can also be used to erase the EF/DF under DDF.

9.18.2 Note ��This command must be executed under the father DF and the erase right

must be fulfilled. When the DF erase right is fulfilled, the EF/DF specified by P1P2 can be erased. The corresponding access right and space information (including header and file name) are erased. With file erase, the memory is re-allocated. This command can also be used to erase the EF/DF under DDF. ��The erase to the specific EF/DF does not have any effect on other EF/DF.



Byte

CLA --- 00 1 INS --- E4 1 P1 --- 00 1 P2 --- 00 1 Lc --- 02 1 DATA Refer to Note - - Le Not exist - -

Table 6.43 Command Format for Erase EF/DF Note: Data field is the FID for DF/EF, which is 2 bytes.



9.18.5 Response Status Word The possible status words returned is as follows:

SW1 SW2 Description 90 00 Command executed successfully without error 65 81 Failed writing to EEPROM.


69 82 Erase access right not fulfilled.


9.19 Set Protocol

9.19.1 Description This command is for configuring the card communication parameters.

9.19.2 Note ��Only when the current directory is MF and it fulfills MF erase right, Set

Protocol can be used. ��When there are no files under MF, this command doesn’t restrict by any

access right.

9.19.3 Command Format / Parameter Code Designation Value

(Hex) Byte/s

CLA --- 80 1 INS --- 14 1 P1 --- 00 1 P2 --- 00 1 Lc --- 01 1 DATA Protocol parameter. Please

refer to the table below XX 1

Le Not exist - -

9.19.4 Command Data Field The Data Field is a 1byte value as shown below:

B7 B6 B5 B4 B3 B2 B1 B0 1 1 1 1 1 1 1 Communication

Protocol Note:

B0 = 0 T=0 communication protocol B0 =1 T=1 communication protocol The default value for setting parameter is FE; which means it uses 3.57MHz crystal, 9600 bps baud rate, T=0 transmission protocol.




9.19.7 Response Status Word The possible status words returned is as follows: SW1 SW2 Description 90 00 Command executed successfully without error 67 00 Wrong length 69 82 Erase access right not fulfilled. 6A 81 The current directory is not MF or no MF

9.19.8 Application Example Change the transmission protocol from T=0 to T=1 Command: 80 14 00 00 01 FF

Explanation: Parameter FE (in binary is 11111111), which means using 3.57MHz crystal, 9600 bps baud rate and T=1 transmission protocol.


9.20 Write Key

9.20.1 Description WRITE KEY command is to write the secret key into the KF or change the key value (exculsive for PIN).

9.20.2 Note ��When the Append Right is fulfilled for the Key file under current DF, Write

Key command can be used to write Key into Key File ��When the Modification Right is fulfilled, key value can be changed (exclusive

for PIN)



Byte/s

CLA --- 80/84 1 INS --- D4 1

For Key unload 01 P1 Key type, for key renew 3X

1

P2 Secret key identifier (SKID) XX 1 Lc Length of data field XX 1 DATA Key header + key value XX..XX XX Le Not exist - -

9.20.4 Command Data Field For the access right set in the command data field, please refer to the “TimeCOS Security System”.

9.20.4.1 Key upload Command Data Field = Key header (5 bytes) + key value If secure messaging is applied, it consists of encrypted data and 4 bytes MAC


Key Type Byte 1 Byte 2 Byte 3 Byte 4 Byte 5 Key length DES encryption Key

30 Use Right

Modify Right

Key version

Algo ID 8/16

DES decryption Key

31 Use Right

Modify Right

Key version

Algo ID 8/16

DESMAC key 32 Use Right

Modify Right

Key version

Algo ID 8/16

Internal Key 34 Use Right

Modify Right

Key version

Algo ID 8/16

Maintenance Key

36 Use Right

Modify Right

FF Error Counter

8/16

Master Key It’s the external authentication key with KID = 00. Its command data field is the same as the external authentication key.

External Authentication Key

39 Use Right

Modify Right

Following Status

Error Counter

16

PIN Unblock Key

37 Use Right

Modify Right

FF Error Counter

8/16

PIN Reload Key 38 Use Right

Modify Right

FF Error Counter

8/16

Change Overdraw Limit Key

3C Use Right

Modify Right

Key Version

Algo Tag 8/16

Withdraw Key 3D Use Right

Modify Right

Key Version

Algo Tag 8/16

Debit Key 3E Use Right

Modify Right

Key Version

Algo Tag 8/16

Credit Key 3F Use Right

Modify Right

Following Status

Algo Tag 8/16

PIN Key 3B Use Right

EF Error Counter

2-8 (for the PIN under Finance Directory, if the length of PIN is less than 6, FF needs to be appended

Unblock PIN Key

3B Use Right

Modify Right

PIN Key ID that needs to be unblocked

Error Counter

8

Key under MF 3X There is only one 1 byte of Key Type for this data field For the key installed by this method, its key type and content are the one corresponding to the key under MF

Table 6.44 Data Field for Key Upload by Write Key Command Note: For the Key Version and Following Status, please refer to the Explanation [4] Explanation:

[1] Secure Messaging is also applied on Key. To enable the Secure Messaging on Key (Write Key, Verify, etc.), two MSB in Byte1 (Key Type) need to be set when the key is stored.


The definition of Byte1 (Key Type) is illustrated as follows:

B7 B6 B5 B4 B3 B2 B1 B0 Secure Messaging

0 0 None 0 1

Key Type DES

1 1 Key Type DES&MAC

For example: To have the DES&MAC secure messaging for keys, the External Authentication Key type 39 is converted to F9. Note: For the key with Secure Messaging, its install and upload must apply the corresponding secure method, except the Master Key under MF. [2] When keys are installed and uploaded in Secure Messaging method:

• There are two cases when installing the Master Key under MF: i. The manufacturer loads a Secure Messaging Master Key in MF

Key file (which is the Transportation Key). Users can authenticate or replace this key when the card is first issued.

ii. After the MF has been erased by the user, the MF Master key can

be loaded in plain text. However, Secure Messaging can be set for renewing the key in secure mode.

To modify the MF Master Key, the data needs to be encrypted by MF Master Key and MAC is calculated.

• When loading the Master key for Application Directory (except MF), data is encrypted by the father DF Master Key and MAC is calculated.

When modifying the Master key for Application Directory (except MF), data is encrypted by the current DF Master Key and MAC is calculated.

• When loading/modifying the Key (except Master Key) for Application Directory (MF or DF), data is encrypted by the current DF Master Key and MAC is calculated.

Please refer to the “Secure Messaging” for the MAC calculation. [3] If there is only one Key of certain type under the Application directory, its KID is 00; else KID should starts from 01. Under one application:

• There is only one Master Key, PIN unblock Key and PIN Reload Key, and its KID must be 00.

• There are maximum 4 Maintenance Key and the KID is 00-03 • For the PIN under Finance Directory, its KID is 00 • KID cannot be FF


[4] Explanation on Technical Terms:

• Use Right It stands for the right that must be fulfilled before verification, authentication and computation. For example: If the Use Right is 41, it means the Security Register value must be greater or equal than 1 and less or equal than 4 for using that key.

• Modify Right

It means the right to change the key by Write Key command. When the Modify Right is fulfilled, Write Key command can change the content of key. However, the value of error counter remains.

• Error Counter

The 4 highest bits stands for the maximum allowed consecutive unsuccessful trail. The 4 lowest bits stands for the number of remaining trails. If the number of consecutive unsuccessful trails is greater than the allowed value, the Key will be blocked. For example: If the Error Counter is 33, it means the maximum unsuccessful key verification is 3. If it fails once, the counter will be 32 and further changed to 31 if it fails again. If the next verification or authentication is correct, the counter will change to 33. For a successful Unblock Key command, the 4 highest bits will be set to the same value as the 4 lowest bits. At the same time, the key value is changed. If unsuccessful, the number of allowed trails decreases by 1. The card will be permanently blocked if the unblock PIN and External Authentication Key is blocked.

• Following Status

After a successful verification or external authentication, the Security Register is set to the same value as the 4 lowest bits of the following status.

• Unblock KID For a successful unblock Key command, the Key specified KID is

unblocked. • Key version and the Algo Tag are defined by users.

9.20.4.2 Key Modification Command Data Field = New Key Value If Secure Messaging applies, it consist of encrypted data and 4 bytes MAC

• If the Modify Right fulfills, Write Key command can change the key value.

However, the value of error counter remains.


• It does not apply on the PIN Key. • It does not applicable when the key is blocked.



9.20.6 Response Status Word The possible status words returned is as follows: SW1 SW2 Description 90 00 Command executed successfully without error 67 00 Wrong length 69 82 Modify Right or Append right not fulfilled. 69 83 Key is blocked 6A 82 KEY File doesn’t find 6A 83 Key doesn’t find 6A 84 No space in Key File 93 02 Error in Secure Messaging when modify key

9.20.7 Application Example There is a Master Key Kactl under an ADF, and there is a Maintenance Key is written by DES&MAC. The command is as follows (the previous command must be a command to get 4 bytes Random number Rnd4): 84 D4 00 01 00 1C Encrypt(KActl + DATA) [24Bytes] +MAC(Rnd4+00000000 +KActl + 84 D4 …Encrypt(KActl , DATA)[24Bytes]) )[4Bytes] Response: 9000

Documents

WatchData_TimeCOS2.9