Personalization Data Specifications: For Debit and Credit On Chip

PERSONALIZATION DATA
SPECIFICATIONS
FOR DEBIT AND CREDIT ON CHIP
© MasterCard International Incorporated

August 1998
Notice: The information contained in this manual is proprietary and
confidential to MasterCard International Incorporated and its
members.
This material may not be duplicated, published, or disclosed, in

whole or in part, without the prior written permission of
MasterCard International Incorporated.
Trademarks: All products, names, and services are trademarks or registered

trademarks of their respective companies.
Personalization Data Specification © 1998 MasterCard International Incorporated

August 1998
Table of Contents
ABBREVIATIONS AND NOTATIONS
Abbreviations ............................................................................. iv
Notations ..................................................................................... v
SECTION 1 OBJECTIVE AND SCOPE
1.1 Purpose .............................................................................. 1-1

1.2 Objective and Scope .......................................................... 1-2
SECTION 2 REFERENCES
2.1 Related Information ........................................................... 2-1
SECTION 3 PERSONALIZATION DATA ELEMENTS
3.1 Organization ...................................................................... 3-1

3.2 Conventions ....................................................................... 3-1
3.3 Cardholder and Card Specific Data .................................... 3-3
3.3.1 Application Default Action........................................ 3-3
3.3.2 Application Effective Date ........................................ 3-4
3.3.3 Application Expiration Date ...................................... 3-4
3.3.4 Application Primary Account Number (PAN) ........... 3-5
3.3.5 Application PAN Sequence Number.......................... 3-5
3.3.6 Cardholder Name ...................................................... 3-5
3.3.7 Cardholder Name Extended ....................................... 3-6
3.3.8 Data Authentication Code ......................................... 3-6
3.3.9 Language Preference ................................................. 3-7
3.3.10 Reference PIN ......................................................... 3-7
3.3.11 SDA Tags for Signing ............................................. 3-8
3.3.12 Track 2 Discretionary Data ...................................... 3-8
3.3.13 Track 2 Equivalent Data .......................................... 3-9
3.4 MCPA— Application Data ............................................... 3-10
3.4.1 Application Currency Code ..................................... 3-10
3.4.2 Application Currency Exponent .............................. 3-10
3.4.3 Application File Locator (AFL) ............................... 3-11
3.4.4 Application Identifier (AID) .................................... 3-12
3.4.5 Application Interchange Profile ............................... 3-13
3.4.6 Application Label .................................................... 3-14
Personalization Data Specifications

August 1998
i
Table of Contents
3.4.7 Application Preferred Name .................................... 3-15

3.4.8 Application Priority Indicator .................................. 3-15
3.4.9 Application Reference Currency .............................. 3-16
3.4.10 Application Reference Currency Exponent ............ 3-16
3.4.11 Application Usage Control .................................... 3-17
3.4.12 Application Version Number ................................. 3-18
3.4.13 Issuer Country Code .............................................. 3-18
3.4.14 Processing Options Data Object List (PDOL) ........ 3-19
3.4.15 Service Code ......................................................... 3-19
3.5 CVM/PIN Data ................................................................ 3-20
3.5.1 Cardholder Verification Method (CVM) List........... 3-20
3.5.2 PIN Try Limit ......................................................... 3-21
3.6 Card Risk Management Data ........................................... 3-22
3.6.1 Card Risk Management Data Object List 1
(CDOL1) ....................................................................... 3-22
3.6.2 Card Risk Management Data Object List 2
(CDOL2) ....................................................................... 3-23
3.6.3 Issuer Action Code–Default..................................... 3-25
3.6.4 Issuer Action Code–Denial ...................................... 3-25
3.6.5 Issuer Action Code–Online...................................... 3-26
3.6.6 Lower Consecutive Offline Limit ............................ 3-26
3.6.7 Lower Cumulative Domestic Offline Transaction
Amount .......................................................................... 3-27
3.6.8 Maximum Domestic Offline Transaction
Amount .......................................................................... 3-27
3.6.9 Upper Consecutive Offline Limit............................. 3-28
3.6.10 Upper Cumulative Domestic Offline Transaction
Amount .......................................................................... 3-28
3.7 SDA-Related Data ........................................................... 3-29
3.7.1 Certification Authority Public Key Index ................ 3-29
3.8 DDA-Related Data........................................................... 3-30
3.8.1 Dynamic Data Authentication Data Object List
(DDOL) ......................................................................... 3-30
3.8.2 Hash Algorithm Indicator ........................................ 3-30
3.8.3 ICC Dynamic Data Length ...................................... 3-31
3.9 Additional Cryptographic Data (from Issuer) ................... 3-32
3.9.1 Cryptogram Version Number .................................. 3-32
3.9.2 Derivation Key Index .............................................. 3-32
3.9.3 Issuer Private Key ................................................... 3-33
3.9.4 Issuer Public Key Certificate ................................... 3-33
3.9.5 Issuer Public Key Exponent..................................... 3-34
3.9.6 Issuer Public Key Remainder .................................. 3-34

August 1998
ii
Table of Contents
3.9.7 Issuer Master Key for ICC Cryptogram

DEA Keys...................................................................... 3-34
3.9.8 Issuer Master Key for ICC MAC DEA Keys ........... 3-35
3.9.9 Issuer Master Key for ICC PIN DEA Keys .............. 3-35
3.10 Cryptographic/Internal Data ........................................... 3-36
3.10.1 Application Transaction Counter (ATC) ................ 3-36
3.10.2 Cryptogram DEA Key ........................................... 3-37
3.10.3 ICC Asymmetric Secret Key Data ......................... 3-37
3.10.4 ICC Public Key Certificate .................................... 3-38
3.10.5 ICC Public Key Exponent ..................................... 3-38
3.10.6 ICC Public Key Remainder ................................... 3-38
3.10.7 Message Authentication Code (MAC)
DEA Key ....................................................................... 3-39
3.10.8 PIN DEA Key ....................................................... 3-39
3.10.9 Signed Static Application Data .............................. 3-40
3.10.10 Various Indicators/Counters ................................ 3-40
SECTION 4 EXAMPLE OF DATA STRUCTURE
4.1 Overview ........................................................................... 4-1
SECTION 5 PRIVATE CLASS TAGS
5.1 Overview ........................................................................... 5-1
GLOSSARY
Overview ...................................................................... Glossary-1

Terms ........................................................................... Glossary-1

August 1998
iii
Abbreviations and Notations
ABBREVIATIONS USED IN THIS MANUAL
This manual uses the following abbreviations and notations. For definitions of these terms, refer
to the Glossary at the back of this document.
a Alphabetic character(s)
AAC Application Authentication Cryptogram
AAR Application Authorization Referral
AC Application Cryptogram
ADF Application Definition File
AFL Application File Locator
AID Application Identifier
AIP Application Interchange Profile
an Alphanumeric character(s)
ans Alphanumeric and special character(s)
ARPC Authorization Response Cryptogram
ARQC Authorization Request Cryptogram
ATM Automated Teller Machine
b Binary character(s)
cn Compressed numeric character(s)
CAM Card Authentication Method
CAT Cardholder Activated Terminal
CDOL Card Risk Management Data Object List
CVC Card Validation Code
CVM Cardholder Verification Method
CVR Card Verification Results
DDA Dynamic Data Authentication
DDOL Dynamic Data Authentication Data Object List
DEA Data Encryption Algorithm (= DES)
DES Data Encryption Standard (= DEA)
EMV Europay, MasterCard, and Visa
ICC Integrated Circuit Card
IEC International Electrotechnical Commission
ISO International Organization for Standardization
LCOL Lower Consecutive Offline Limit
LRC Longitudinal Redundancy Check
M Mandatory
MAC Message Authentication Code
MCC Merchant Category Code
MCPA™ MasterCard Chip Payment Application
n Numeric character(s), digits
NCA Length of the Certification Authority Public Key modulus

August 1998
iv
Abbreviations and Notations
NI Length of the Issuer Public Key modulus

NIC Length of the ICC Public Key modulus
O Optional
PAN Primary Account Number
PIN Personal Identification Number
POI Point of Interaction
PSE Payment System Environment
R Recommended
RID Registered Identifier
RFU Reserved for Future Use
SDA Static Data Authentication
SFI Short File Identifier
SHA-1 Secure Hash Algorithm-1
TC Transaction Certificate
TLV Tag Length Value
UCOL Upper Consecutive Offline Limit
var. Variable
NOTATIONS
Values surrounded by single quotes are hexadecimal values. For example, a binary field that is
one byte in length and has a value of zero would be represented as ‘00’.

August 1998
v
Objective and Scope
1.1 Purpose
1.1 PURPOSE
This document is intended for issuers implementing the MasterCard Chip Payment
Application (MCPA™ ). The MCPA enables card issuers to support MasterCard credit and
debit transactions, and Maestro® and Cirrus® debit transactions. MCPA is based on the
Europay, MasterCard, and Visa (EMV) specifications, which allows chip-based credit and debit
cards issued under any of the three brands to be accepted by the same chip card terminals
worldwide, as magnetic-stripe cards are accepted on the same terminals.
The purpose of this document is to specify the data elements that need to be input to the first
stage of the personalization process— the creation of an Application Load File (ALF).
+ Not all of these data elements will be input to the card. Some will be used to
generate card data.
MasterCard recommendations have been made wherever possible, to help guide issuers in their
selection. Issuers do not have to follow these recommendations if there are particular overriding
reasons for alternatives.
The document addresses generic data requirements which are independent of any particular card
supplier or card operating system.
The primary audience for this document is:
• MasterCard issuers intending to issue MCPA cards.
• Personalization bureaus intending to provide facilities for MCPA applications.
• Owners and developers of card operating systems.
• Developers of MCPA Application Load File (ALF) generation systems.

August 1998
1-1
Objective and Scope
1.2 Objective and Scope
1.2 OBJECTIVE AND SCOPE
Issuers use data elements described in this document as input into an MCPA Application Load
File (ALF) generation system. This system formats the data and generates the necessary
cryptographic keys and other internal data required by a particular card operating system. The
output of an ALF generation system is a file of MCPA application load data that can be handed
to a personalization bureau to load these applications into a batch of cards.
The specific input record formats required by different ALF generations systems will vary.
However, they should all accept the data elements as described in this document. Further data
elements may be required to satisfy the requirements of particular card operating systems. The
output ALF file and record formats also will vary according to the requirements of the card
operating system.
The ALF generation system may be located at the issuer or at a (secure) third-party bureau. In
the latter case the transfer of sensitive data (such as, Issuer Private Key, Issuer Master DEA
Keys, and Reference PIN) between the issuer and the bureau must be addressed separately. The
security procedures for the transmission of data elements are outside the scope of this document.
In addition to the data elements that must be supplied by the issuer, this document includes a list
of data elements which are created by the ALF generation system.
This document identifies data elements that are proprietary to MasterCard International. Other
data elements are defined in the EMV ’96 ICC Specifications for Payment Systems, 30 June
1996.

August 1998
1-2
References
2.1 Related Information
2.1 RELATED INFORMATION
The following documents and resources provide information related to the subjects discussed in
this manual.
EMV96ICC EMV ’96 ICC Specifications for Payment Systems, 31 May 1998
MCIMCR Minimum Card Requirements for Debit and Credit on Chip, Version
1.0, 24 October 1997— Published by MasterCard International
ISO 639:1988 Codes for the representation of names and languages
ISO 3166:1993 Codes for the representation of names of countries
ISO 4217:1990 Codes for the representation of currencies and funds
ISO/IEC 7813:1990 Identification cards— Financial transaction cards
ISO/IEC 7816-5:1994 Identification cards— Integrated circuit(s) cards with contacts—

Part 5: Numbering system and registration procedure for application
identifiers
Contact the ISO Web site at www.iso.ch for more information.
The MasterCard Chip Card Help Desk also provides issuers with technical support. Contact the
Card Help Desk via e-mail at chip_help@mastercard.com.

August 1998
2-1
Personalization Data Elements
3.1 Organization
3.1 ORGANIZATION
The data elements are organized into the following functional groups to facilitate understanding
and management:
• Cardholder/Card-specific Data
• MCPA— Application Data
• Cardholder Verification Method/Personal Identification Number (CVM/PIN) Data
• Card Risk Management Data
• Static Data Authentication (SDA)-related Data
• DDA-related Data*
• Cryptographic/internal Data (issuer supplied)
• Cryptographic/internal Data (created by Application Load File (ALF) system)
* Not required if issuer chooses to implement Static Data Authentication.
3.2 CONVENTIONS
The following conventions are used:
Name: (M) = Mandatory, (R) = Recommended, (O) = Optional
Format: For the format codes, see the “Abbreviation and Notation” section at the
beginning of this manual. For definition of the format codes see the
“Glossary” section at the end of this manual.
Tag: Tag from EMV96ICC
Length: Expressed in bytes
Value: The values of bytes are shown as four-bit nibbles

(hexadecimal characters) within the range ‘0’–‘9’and ‘A’–‘F’.
When the length defined for the data object (Length above) is greater than the length of the
actual data (Format above), the following rules apply:
• A data element in format “n” is right justified and padded with leading hexadecimal
zeros.
• A data element in format “cn” is left justified and padded with trailing ‘F’characters.

August 1998
3-1
3.2 Conventions
• A data element in format “an” is left-justified and padded with trailing hexadecimal
zeros.
• A data element in format “ans” is left-justified and padded with trailing hexadecimal
zeros.
• When a nibble (four bits) is stored in a byte, it is right-justified and padded with leading
hexadecimal zeros.
See EMV96ICC, Annex B for more information.

August 1998
3-2
3.3 Cardholder and Card Specific Data
3.3 CARDHOLDER AND CARD SPECIFIC DATA
This section contains data elements that are intended to be specific to a particular card. In the
personalization process, it may be possible to load these data elements in a final customization
stage.
The following personalization data elements are included in section 3.3. This is a default list.
Issuers may decide to make other data elements card-specific:
Application Default Action Data Authentication Code

Application Effective Date Language preference
Application Expiration Date Reference PIN
Application PAN Static Data Authentication (SDA) Tag for Signing
Application PAN Sequence Number Track 2 Discretionary Data
Cardholder Name Track 2 Equivalent Data
Cardholder Name Extended
3.3.1 Application Default Action (R)
Format b
Tag ‘DF00’(See table in section 5.)
Length 2
Value Byte 1:
bit 8: ‘1’= If issuer authentication fails, transmit next transaction

online
bit 7: ‘1’= If issuer authentication fails, decline transaction
(recommended)
bit 6: ‘1’= If issuer authentication is mandatory and no
Authorization Response Cryptogram (ARPC) received,
decline transaction (recommended)
bit 5: ‘0’= RFU
bit 4: ‘0’= RFU
bit 3: ‘0’= RFU
bit 2: ‘0’= If new card, transmit transaction online
bit 1: ‘1’= If new card, decline if unable to transmit transaction
online

August 1998
3-3
Byte 2: = Non-Domestic Control Factor (see the ICC Application

Specification manual, paragraph 6.1.4.1). This is the
power of two by which the LCOL and UCOL are reduced
for non-domestic transactions. Default value is zero—
‘00000000’.
Example: If LCOL = 10, UCOL = 20 and Non Domestic Control =
’00000002’, the LCOL and UCOL would be divided by 4 (22)
and the resulting non-domestic LCOL would be 2 (truncated
from 2.5) and the UCOL would be 5.
Description Data element indicating action for the card to take for certain exception
conditions.
3.3.2 Application Effective Date (O)
Format n 6 (YYMMDD)
Tag ‘5F25’
Length 3
Value Cardholder data— input by issuer
Description Date from which the card application may be used. If this is the Primary
Application, the date must be the same as the effective date in other media
on the card–embossing and magnetic stripe.
3.3.3 Application Expiration Date (M)
Format n 6 (YYMMDD)
Tag ‘5F24’
Length 3
Description Date after which the card application expires. If this is the Primary
Application, the date must be the same as the expiration date in other
media on the card— embossing and magnetic stripe. The date also is
included in Track 2 Equivalent Data (YYMM).

August 1998
3-4
3.3.4 Application Primary Account Number (PAN) (M)
Format cn var.— up to 19
Tag ‘5A’
Length var.— up to 10
Description Valid cardholder account number. Also included in Track 2 Equivalent

Data.
3.3.5 Application PAN Sequence Number (M*)
Format n2
Tag ‘5F34’
Length 1
Value 1–9
Description Identifies and differentiates cards and cardholders that have the same PAN.
* This data element is mandatory when more than one cardholder has the same PAN.
3.3.6 Cardholder Name (M*)
Format ans 2–26
Tag ‘5F20’
Length 2–26

August 1998
3-5
Description Indicates cardholder name according to ISO 7813 (magnetic stripe—

Track 1). Must be consistent with the name in other media on the card.
* This data element is mandatory when the cardholder name appears on

the magnetic stripe Track 1.
3.3.7 Cardholder Name Extended (O)
Format ans 27–45
Tag ‘9F0B’
Length 27–45
Description Indicates whole cardholder name when greater than 26 characters,

according to ISO 7813 (magnetic stripe— Track 1). Must be consistent
with the name in other media on the card.
3.3.8 Data Authentication Code (R*)
Format b
Tag ‘9F45’
Length 2
Value Issuer assigned value
Description Issuer-assigned value recommended for inclusion in Signed Application

Data used to indicate that static offline data authentication was performed.
* The DAC is not put on the card, it is only included with the Public Key Certificate.

August 1998
3-6
3.3.9 Language Preference (M)
Format an 2
Tag ‘5F2D’
Length 2–8
Description One to four languages stored in order of preference. Language codes are
specified in ISO 639. For example, English = “en”.
3.3.10 Reference PIN (O/M*)
Format cn 4–12
Length 2–6 bytes
Value Cardholder data— input by issuer, encrypted in an 8-byte block
+ PIN stored in the card that is compared with the PIN,

entered by the cardholder.
Description The recommended format of the plaintext data block is:
Length of PIN (4-12 digits) 1 byte (cn)

PIN Data 7 bytes (cn, left-justified, ‘F’ filled)
The key used to encrypt the data block is required input to the ALF
generation system, which uses a secure cryptographic device and secure
loading procedures.
* This data element is optional for MasterCard (credit) and Cirrus (ATM) cards, but
mandatory for Maestro (debit) card.

August 1998
3-7
3.3.11 SDA Tags for Signing (M)
Format b
Tag ‘DF02’(See table in section 5)
Length var.— up to 17 (recommended)
Value The following are the recommended tags:
Application Effective Date ‘5F25’

Application Expiration Date ‘5F24’
Application Identifier ‘4F’
Application Interchange Profile ‘82’
Application PAN ‘9F07’
Application PAN Sequence Number ‘5A’
Application Usage Control ‘5F34’
Issuer Action Code-Default ‘9F0D’
Issuer Action Code-Denial ‘9F0E’
Issuer Action Code-Online ‘9F0F’
Description The tags indicate the data to be signed for Static Data Authentication
(SDA)— see MCIMCR, table 6-2. The data is signed using the Issuer
Private Key, to produce the Signed Static Application Data (see 3.10.9).
SDA is the EMV offline card authentication method (CAM) using static
data— Offline Static CAM (see MCIMCR, section 6).
3.3.12 Track 2 Discretionary Data (O)
Format cn
Tag ‘9F20’
Length var.
Description Discretionary Data from Track 2 of the magnetic stripe according to

ISO/IEC 7813. The value of CVC must be 000. This means that the
discretionary data will be different from that on the magnetic stripe.

August 1998
3-8
+ Since Track 2 Equivalent Data is mandatory and this includes Track 2

Discretionary Data, it is unlikely that this data element will be necessary.
3.3.13 Track 2 Equivalent Data (M)
Format cn var.— up to 37
Tag ‘57’
Length var.— up to 19
Description Contains the data elements of track 2 of the magnetic stripe according to
the ISO.IEC 7813, excluding start sentinel, end sentinel, and longitudinal
redundancy check (LRC).
The PAN, Expiration Date, Service Code, PVV shall be identical to the
data encoded on track 2 of the magnetic stripe. The value of CVC must
be 000. This means that the discretionary data will be different from that
on the magnetic stripe.
+ CVC, a magnetic stripe security feature, serves little

purpose for chip-based transactions, and may actually
compromise magnetic stripe security when included in
electronic commerce transactions.

August 1998
3-9
3.4 MCPA— Application Data
3.4 MCPA— APPLICATION DATA
This section contains the following personalization data elements:
Application Currency Code Application Reference Currency

Application Currency Exponent Application Reference Currency Exponent
Application File Locator (AFL) Application Usage Control
Application Identifier (AID) Application Version Number
Application Interchange Profile Issuer Country Code
Application Label Processing Options Data Object List (PDOL)
Application Preferred Name Service Code
Application Priority Indicator
3.4.1 Application Currency Code (M*)
Format n3
Tag ‘9F42’
Length 2
Description Indicates the currency in which the account is managed, according

to ISO 4217.
* Mandatory if issuer uses the recommended card risk management functions for Maximum
Domestic Offline Transaction Amount or Cumulative Amount Check.
3.4.2 Application Currency Exponent (M*)
Format n1
Tag ‘9F44’
Length 1
Value = 2 for decimal currencies
Description Indicates the implied position of the decimal point according to ISO 4217.
* Mandatory if issuer uses the card risk management functions for Maximum Domestic Offline
Transaction Amount or Cumulative Amount Check.

August 1998
3-10
3.4.3 Application File Locator (AFL) (M)
Format b
Tag ‘94’
Length 8
Value Byte 1:
Bits 8–4: = SFI–Default value = ‘00001’

Bits 3–1: = ‘000’
Byte 2: First record number to be read for that SFI (never equal to
zero)
Byte 3: Last record number to be read for that SFI (shall be greater
than or equal to value in Byte 2)
Byte 4: Number of consecutive records signed in Signed

Application Data, starting with record number in Byte 2.
+ Based on the recommended SDA tags for

Signing (see 3.3.11), and a typical record
size, this byte value should be ‘01’.
Bytes 1–4 may be repeated for other files, or sequences of

records within a file.
Description Indicates the location (SFI, range of records) of the file area(s) related to a
given application.

August 1998
3-11
3.4.4 Application Identifier (AID) (M)
Format b
Tag ‘4F’
Length 7— in this version of the specification.
+ Allow for maximum length of 16 bytes.
Value ‘A000000004xxxx’
Description Identifies the application as described in ISO 7816-5. The first five bytes
are the MasterCard Registered Identifier (RID) = ‘A000000004’. The
next two bytes (xxxx above) are the MasterCard applications identifier
(PIX in ISO terms).
The following values are currently valid:
‘A0000000041010’= MasterCard (credit) card

‘A0000000046000’= Cirrus card
‘A0000000043060’= Maestro (debit) card.

August 1998
3-12
3.4.5 Application Interchange Profile (M)
Format b
Tag ‘82’
Length 2
Value The following values are mandatory (see MCIMCR, section 5.3):
Byte 1:
bit 8: ‘0’= Initiate (not supported)

bit 7: ‘1’= Application authentication is supported (may be zero for
ATM-only cards)
bit 6: ‘0’= RFU
bit 5: ‘1’= Cardholder verification is supported
bit 4: ‘1’= Terminal risk management is to be performed
bit 3: ‘0’or ‘1’ = Issuer authentication is/is not supported. The
recommended value is ‘1’— supported.
bit 2: ‘0’= RFU
bit 1: ‘0’= RFU
Byte 2: ‘00000000’— RFU
Description Indicates the capabilities of the card to support specific functions in the
application.

August 1998
3-13
3.4.6 Application Label (M)
Format an
Tag ‘50’
Length Up to 16
Value See table below
Description Description of the application specified by MasterCard, and resident in the

terminal. The following labels are currently valid:
PIX Label*
‘1010’ MasterCard
‘6000’ Cirrus
‘3060’ Debit
* The labels can be expressed in upper and lower case letters.

August 1998
3-14
3.4.7 Application Preferred Name (R)
Format ans
Tag ‘9F12’
Length Up to 16
Description Description of the application specified by the issuer and located in the
card. If present, this is the name to be displayed to the cardholder.
+ The issuer should use the same name as the Application

Label wherever possible.
PIX Label*
‘1010’ MasterCard
‘6000’ Cirrus
‘3060’ Debit
* The labels can be expressed in upper and lower case letters.
3.4.8 Application Priority Indicator (R)
Format b
Tag ‘87’
Length 1
Value bit 8: ‘1’ = Application shall not be selected without cardholder

confirmation (recommended)
bits 7–5: ‘000’ = RFU
bits 4–1: ‘0001’ = Priority of the application. Recommended value =
‘0001’— highest priority.
Description Indicates the priority of a given application or group of applications in a

directory.

August 1998
3-15
3.4.9 Application Reference Currency (O)
Format 3n per currency, up to 4 currencies
Tag ‘9F3B’
Length 2–8
Value Issuer assigns value
Description One to four currencies used between terminal and card when Transaction
Currency Code differs from Application Currency Code.
+ Reference currencies may not be supported in

terminals. MasterCard does not recommend reliance
on reference currencies for card decision making.
3.4.10 Application Reference Currency Exponent (O*)
Format n per currency, up to 4 currencies
Tag ‘9F43’
Length 1–4
Description Indicates position of decimal point for 1–4 Application Reference

Currencies (see 3.4.9).
* Mandatory if the issuer uses the Application Reference Currency (Tag ‘9F3B’).

August 1998
3-16
3.4.11 Application Usage Control (M)
Format b
Tag ‘9F07’
Length 2
Byte Bit Meaning MasterCard Maestro Cirrus

1 8 Domestic cash transaction 1 0 or 1 0 or 1
7 International cash transaction 1* 1* 1*
6 Domestic goods 1 0 or 1 0 or 1
5 International goods 1* 1* 0
4 Domestic services 1 0 or 1 0 or 1
3 International services 1* 1* 0
2 ATM’s 1 0 or 1 1
1 Terminals other than ATM’s 1 1 0
2 8 Domestic cashback allowed 0 0 0
7 International cashback allowed 0 0 0
6 RFU 0 0 0
5 RFU 0 0 0
4 RFU 0 0 0
3 RFU 0 0 0
2 RFU 0 0 0
1 RFU 0 0 0
* May be 0 for domestic use only cards.
Description Indicates issuer-specified restrictions on the geographic usage and services

allowed for the card application.

August 1998
3-17
3.4.12 Application Version Number (M)
Format b
Tag ‘9F08’
Length 2
Value ‘0001’
Description Version number assigned by MasterCard for the application. The value
‘0001’ is valid for 1998. Beginning in 1999, issuers should contact the
Chip Card Help Desk.
3.4.13 Issuer Country Code (M)
Format n3
Tag ‘5F28’
Length 2
Description Indicates the country of the issuer, represented according to ISO 3166.

August 1998
3-18
3.4.14 Processing Options Data Object List (PDOL) (O)
Format an
Tag ‘9F38’
Length var.— example below is 14 bytes
Value The following list of values (tags and lengths) are an example (see
MCIMCR, Table 5-1):
‘9F3501’ Terminal Type

‘9F3303’ Terminal Capabilities
‘9F1502’ Merchant Category Code1 (MCC)
‘9C01’ Transaction Type
‘9F1A02’ Terminal Country Code
Description List of terminal resident data objects, (tag and length) needed by the
Integrated Circuit Card (ICC) in processing the GET PROCESSING
OPTIONS command.
3.4.15 Service Code (M)
Format n3
Tag ‘5F30’
Length 2
Description Service code as defined on Track 2 of the magnetic stripe according to

ISO/IEC 7813. Also included in Track 2 Equivalent Data.
1 EMV96ICC uses codes for this value from ISO 8583:1993.

August 1998
3-19
3.5 CVM/PIN Data
3.5 CVM/PIN DATA
Cardholder Verification Method (CVM) List PIN Try Limit
3.5.1 Cardholder Verification Method (CVM) List (M)
Format b
Tag ‘8E’
Length var.— up to 32 (recommended)
Value Bytes 1–4: = ‘00000000’— Amount “X” (unsupported)
Bytes 5–8: = ‘00000000’— Amount “X” (unsupported)
Bytes 9–10: Card Verification Rules (see table below)
Byte 9 = CVM Code

Byte 10 = CVM Condition Code
MasterCard strongly recommends that issuers use the following values.
Cardholder Verification Rules for MasterCard® Cards:
CVM M/O Byte 9 Byte 10 Terminal Type

Offline PIN O ‘41’ ‘03’ ATM, Attended POI, CAT1
Signature M ‘5E’ ‘03’ Attended POI
Online PIN M ‘42’ ‘03’ ATM, CAT1
No CVM M ‘1F’ ‘03’ CAT2, CAT3

August 1998
3-20
3.5 CVM/PIN Data
Cardholder Verification Rules for Maestro® Cards:

Offline PIN* M ‘41’ ‘03’ ATM, Attended POI, CAT1,
Bank Terminal
Online PIN M ‘02’ ‘03’
Signature O ‘30’ ‘03’ Attended POI
* Waiver for terminals in parts of Europe.
Cardholder Verification Rules for Cirrus® Cards:

Offline PIN O ‘41’ ‘03’ ATM, Bank Terminal
Online PIN M ‘02’ ‘00’
Description Identifies a prioritized list of cardholder verification methods supported by

the card application.
3.5.2 PIN Try Limit (M*)
Format b
Length 1
Value ‘03’— recommended value by MasterCard.
Description Allowed consecutive wrong PINs. The value of the PIN try limit also will
be used for the initial setting of the PIN Try Counter field (Tag: ‘9517’).
* Mandatory if the issuer supports offline PIN.

August 1998
3-21
3.6 Card Risk Management Data
3.6 CARD RISK MANAGEMENT DATA
Card Risk Management Data Object List 1 (CDOL1)

Card Risk Management Data Object List 2 (CDOL2)
Issuer Action Code–Default
Issuer Action Code–Denial
Issuer Action Code–Online
Lower Conservative Office Limit
Lower Cumulative Domestic Offline Transaction Amount**
Maximum Domestic Offline Transaction Amount**
Upper Consecutive Offline Limit (UCOL)
Upper Cumulative Domestic Offline Transaction Amount
** MasterCard Proprietary Data Element
3.6.1 Card Risk Management Data Object List 1 (CDOL1) (M*)
Format an
Tag ‘8C’
Length 38 bytes
Value MasterCard recommends the following data elements (tags and lengths).
MasterCard derived this list from the list of ICC data elements which the
acquirer must return to the issuer, minus the data elements output by the
GENERATE AC command (Application Cryptogram, ATC, Cryptogram
Information Data, Issuer Application Data):

August 1998
3-22
Tag/Length Description Note(s)

‘9F0305’ Amount, Other 1
‘9F0206’ Amount, Transaction 1
‘8202’ Application Interchange Profile 1
‘9505’ Terminal Verification Results 1,2
‘9A03’ Transaction Date 1
‘9C01’ Transaction Type 1
‘9F3704’ Unpredictable Number 1
‘9F1A02’ Terminal Country Code 3
‘5F2A02’ Transaction Currency Code 3
+ 1: Data element listed as mandatory in both authorization and clearing

messages (see MCIMCR, section 11.6).
2: Terminal Verification Results is mandatory if Card Verification
Results (CVR) is implemented, in order to report the results of card
authentication. CVR is a MasterCard proprietary data element used
in card risk management, and output from the card in the Issuer
Application Data.
3: Data element not listed as mandatory in MCIMCR, section 11.6. This
is an error and an errata has been raised. The data element will
eventually be mandatory.
Description List of data objects (tag and length) to be passed to the card application
with the first GENERATE AC command.
3.6.2 Card Risk Management Data Object List 2 (CDOL2) (M*)
Format an
Tag ‘8D’
Length 38 bytes

August 1998
3-23
Value MasterCard recommends the following list of data elements (tags and
lengths). This list is derived from the list of ICC data elements which the
acquirer is obliged to return to the issuer, plus the Authorization Response
Code, and minus the data elements output by the GENERATE AC
command (Application Cryptogram, ATC, Cryptogram Information Data,
Issuer Application Data):
Tag/Length Description Note(s)

‘8A02’ Authorization Response Code 4
‘9F0306’ Amount, Other 1
‘9F0206’ Amount, Transaction 1
‘8202’ Application Interchange Profile 1
‘9505’ Terminal Verification Results 1,2
‘9A03’ Transaction Date 1
‘9C01’ Transaction Type 1
‘9F3704’ Unpredictable Number 1
‘9F1A02’ Terminal Country Code 3
‘5F2A02’ Transaction Currency Code 3
+ 1: Data element listed as mandatory in both authorization and clearing

messages (see MCIMCR, section 11.6).
2: Terminal Verification Results is mandatory if Card Verification
Results (CVR) is implemented, in order to report the results of card
authentication. CVR is a MasterCard proprietary data element used
in card risk management, and output from the card in the Issuer
Application Data.
3: Data element not listed as mandatory in MCIMCR, section 11.6. This
is an error and an errata has been raised. The data element will
eventually be mandatory.
4: Mandatory
Description List of data elements (tag and length) to be passed to the card application
with the second GENERATE AC command.

August 1998
3-24
3.6.3 Issuer Action Code–Default (M)
Format b
Tag ‘9F0D’
Length 5
Value MasterCard recommends the following values (see MCIMCR,

section 10.2):
Byte 1: ‘F8’
Byte 2: ‘40’
Byte 3: ‘64’
Byte 4: ‘20’ for MasterCard; ‘A0’ for Maestro
Byte 5: ‘00’
Description Specifies the issuer’s conditions that cause the transaction to be declined if
it might have been approved online, but the terminal is unable to process
the transaction online.
3.6.4 Issuer Action Code–Denial (M)
Format b
Tag ‘9F0E’
Length 5

section 10.2):
Byte 1: ‘00’
Byte 2: ‘10’
Byte 3: ‘88’
Byte 4: ‘00’
Byte 5: ‘00’
Description Specifies the issuer’s conditions that cause the transaction to be declined
without attempting to go online.

August 1998
3-25
3.6.5 Issuer Action Code–Online (M)
Format b
Tag ‘9F0F’
Length 5

section 10.2):
Byte 1: ‘F8’
Byte 2: ‘E0’
Byte 3: ‘64’
Byte 4: ‘F8’
Byte 5: ‘00’
Description Specifies the issuer’s conditions that cause a transaction to be transmitted

online.
3.6.6 Lower Consecutive Offline Limit (R)
Format b
Tag ‘9F14’
Length 1
Description Issuer-specified data element indicating a preference for maximum

number of consecutive offline transactions allowed for the card
application before the terminal goes online.
+ Terminal risk management and, possibly, card risk

management will use this data element.

August 1998
3-26
3.6.7 Lower Cumulative Domestic Offline Transaction Amount (R)

(MasterCard Proprietary Data Element)
Format b
Tag ‘9F50’
Length 6
Description Issuer specified data element indicating a preference for the maximum
cumulative offline transaction amount allowed for the card application
before the terminal goes online.
3.6.8 Maximum Domestic Offline Transaction Amount (R)

Format b
Tag ‘9F51’
Length 6
Description Issuer-specified data element indicating maximum offline transaction

amount.

August 1998
3-27
3.6.9 Upper Consecutive Offline Limit (UCOL) (R)
Format b
Tag ‘9F23’
Length 1
Description Issuer specified data element indicating the required maximum number
of consecutive offline card transactions for this application allowed before
the transaction goes online.
+ This data element will be used in terminal risk

management, and may also be used in card risk
management.
3.6.10 Upper Cumulative Domestic Offline Transaction Amount (R)

Format b
Tag ‘9F52’
Length 6
Description Issuer specified data element indicating the required maximum

cumulative offline amount allowed for the application before the
transaction goes online.

August 1998
3-28
3.7 SDA-Related Data
3.7 SDA-RELATED DATA
This section contains information of the Certification Authority Public Key Index data element.
3.7.1 Certification Authority Public Key Index (M)
Format b
Tag ‘8F’
Length 1
Value ‘01’
Description Identifies the certification authority’s public key in conjunction with the
Registered Identifier (RID) for use in static and dynamic data
authentication.

August 1998
3-29
3.8 DDA-Related Data
3.8 DDA-RELATED DATA
This section includes the following personalization data elements:
Dynamic Data Authentication Data Object List (DDOL) ICC Dynamic Data Length
Hash Algorithm Indicator
3.8.1 Dynamic Data Authentication Data Object List (DDOL) (M*)
Format an
Tag ‘9F49’
Length 11
Value MasterCard recommends the following values:
‘950206’ Amount Authorized

‘9F1C08’ Terminal Identification
‘9A03’ Transaction Date
‘9F3704’ Unpredictable Number
Description List of data objects (tag and length) used for dynamic data authentication.
* Mandatory, if DDA supported.
3.8.2 Hash Algorithm Indicator (M*)
Format b
Length 1
Value ‘01’= SHA-1 algorithm
Description Algorithm used to compress data prior to signing for dynamic data
authentication.
* Mandatory if DDA supported.

August 1998
3-30
3.8 DDA-Related Data
3.8.3 ICC Dynamic Data Length (M*)
Format b
Length 1
Value ‘08’— for version 1 of the MasterCard Debit and Credit Specification
Description Length of the ICC Dynamic Data generated/stored by the ICC.
* Mandatory, if DDA supported.

August 1998
3-31
3.9 Additional Cryptographic Data (From Issuer)
3.9 ADDITIONAL CRYPTOGRAPHIC DATA (FROM ISSUER)
Cryptogram Version Number Issuer Public Key Remainder

Derivation Key Index Issuer Master Keys:
Issuer Private Key – for ICC Cryptogram DEA Keys
Issuer Public Key Certificate, – for ICC MAC DEA Keys
Issuer Public Key Exponent – for ICC PIN DEA Keys
3.9.1 Cryptogram Version Number (M)
Format b
Length 1
Value ‘01’
Description Data element indicating the version of the TC/AAC/ARQC algorithm

used by the application that is transmitted in the Issuer Application Data.
MasterCard assigns this value.
3.9.2 Derivation Key Index (M)
Format b
Length 1
Value ‘01’ in 1998. Beginning in 1999, check with the Chip Card Help Desk.
Description Indicates derivation keys (Issuer Master Keys— see 3.9.7, 3.9.8, and 3.9.9)
used to produce the various ICC DEA keys.

August 1998
3-32
3.9.3 Issuer Private Key (M)
Format b
Tag
Length NI (= 96 in version 1 of the MCPA specifications)
Description Used to produce the Signed Static Application Data (see 3.10.9), and to
sign the ICC Public Key Certificate (see 3.10.4).
+ The input of the Issuer Private Key requires it be

done using a secure cryptographic device and using
secure procedures.
3.9.4 Issuer Public Key Certificate (M)
Format b
Tag ‘90’
Length NCA (= 128 in this version 1 of the MCPA specifications)
Description Issuer’s public key certified by a certification authority for use in static or
dynamic data authentication.

August 1998
3-33
3.9.5 Issuer Public Key Exponent (M)
Format b
Tag ‘9F32’
Length 1
Description Exponent used to verify signed data.
3.9.6 Issuer Public Key Remainder (M)
Format b
Tag ‘92’
Length NI - NCA + 36 (= 4 in this version of the MasterCard Debit and Credit

Specification)
Description Remaining digits of the issuer’s Public Key modulus.
3.9.7 Issuer Master Key for ICC Cryptogram DEA Keys (M)
Format b
Tag
Length 16
Description A double-length master DEA key used to derive all ICC Cryptogram DEA
keys (see 3.10.2), using the Application PAN and its sequence number as
diversification data. The double-length key is required input to the ALF
loading procedures.

August 1998
3-34
3.9.8 Issuer Master Key for ICC MAC DEA Keys (M)
Format b
Tag
Length 16
Description A double-length master DEA key used to derive all ICC MAC DEA keys
(see 3.10.7), using the Application PAN and its sequence number as
loading procedures.
3.9.9 Issuer Master Key for ICC PIN DEA Keys (M)
Format b
Tag
Length 16
Description A double-length master DEA key used to derive all ICC PIN DEA keys
(see 3.10.8), using the Application PAN and its sequence number as
loading procedures.

August 1998
3-35
3.10 Cryptographic/Internal Data
3.10 CRYPTOGRAPHIC/INTERNAL DATA
Since these data elements can be created by the ALF generation system the issuer does NOT
normally need to be input them. However, depending on the issuer’s system configurations and
security requirements, many of the fields may be generated prior to input to the ALF system.
Such fields might include the diversified DEA keys (Cryptogram DEA Key, MAC DEA Key,
PIN DEA Key), ICC Asymmetric Secret Key Data, ICC Public Key Certificate/
Exponent/Remainder, Signed Static Authentication Data. In this case, the Issuer Private Key
(see 3.9.3) and the Issuer Master DEA Keys (see 3.9.7, 3.9.8, and 3.9.9) are not required.
Application Transaction Counter (ATC) ICC Public Key Remainder

Cryptogram DEA Key * Message Authentication Code (MAC) DEA Key *
ICC Asymmetric Secret Key Data PIN DEA Key *
ICC Public Key Certificate Signed Static Application Data
ICC Public Key Exponent Various indicators/counters
* If these data elements are input to the ALF generation system, they must be encrypted using
a Key Encryption Key (KEK). This KEK is also required input to the ALF generation
system, which uses a secure cryptographic device and secure loading procedures.
3.10.1 Application Transaction Counter (ATC) (M)
Format b
Tag ‘9F36’
Length 2
Value ‘0000’
Description Transaction counter maintained by the application in the card. The ALF
system should set this to zero (new card).

August 1998
3-36
3.10.2 Cryptogram DEA Key (M)
Format b
Tag ‘DF0B’(See table in section 5.)
Length 16
Description A double-length DEA key used for Application Cryptogram generation

using the GENERATE AC command to produce ARQC, AAC, AAR and
TC cryptograms. The key also is used to verify incoming cryptograms
(ARPC), using the EXTERNAL AUTHENTICATE command.
3.10.3 ICC Asymmetric Secret Key Data (M)
Format b
Tag ‘DF0C’(See table in section 5.)
Length = 5NIC/2 (if Chinese Remainder Theorem is used)

= 2 NIC (with standard exponentiation).
Where NIC is the length of the ICC Public Key modulus. NIC = 768, 896,
or 1024 bits (96, 112, or 128 bytes) for 1998. Beginning in 1999, check
with the Chip Card Help Desk.
Description The data necessary to enable the application to sign critical data for
dynamic data authentication in response to an INTERNAL
AUTHENTICATE command.

August 1998
3-37
3.10.4 ICC Public Key Certificate (M)
Format b
Tag ‘9F46’
Length NI
Description ICC Public Key certified by the issuer using the Issuer Private Key.
3.10.5 ICC Public Key Exponent (M)
Format b
Tag ‘9F47’
Length 1
Description Exponent used to verify the signed dynamic application data.
3.10.6 ICC Public Key Remainder (M)
Format b
Tag ‘9F48’
Length NIC – NI + 42
Description Remaining digits of the ICC Public key modulus.

August 1998
3-38
3.10.7 Message Authentication Code (MAC) DEA Key (R)
Format b
Tag ‘DF0D’(See table in section 5.)
Length 16
Description A double-length DEA key used to support Secure Messaging for Integrity
and Authentication in an Issuer Script message. The key is used to verify
the MAC in the script message.
3.10.8 PIN DEA Key (R)
Format b
Tag ‘DF0E’(See table in section 5.)
Length 16
Description A double-length DEA key used to support the confidentiality requirement

in Secure Messaging for Issuer Script processing. The key is used to
decipher the enciphered PIN data component in the PIN
CHANGE/UNBLOCK command message.

August 1998
3-39
3.10.9 Signed Static Application Data (M)
Format b
Tag ‘93’
Length 40–128 Bytes (= NI — length of the Issuer Public Key modulus)
Description Digital signature on critical application parameters. The signature is

checked in static data authentication.
3.10.10 Various Indicators/Counters (M)
The following data elements need to be created in the ALF generation process. The formats and
values of the data elements will depend on the particular card operating system.
• Application Status (unblocked/blocked/permanently blocked)
• PIN Lock Status
• PIN Installation Status
• PIN Retry Counter
• Personalization Date

August 1998
3-40
Example of Data Structure
4.1 Overview
4.1 OVERVIEW
This section is intended for developers of chip card operating systems, Application Load File
(ALF) systems, and card loading systems.
The data elements described in section 3 are input to the card personalization process. This
section describes how the data elements output by the ALF system might be configured within
the chip. The data structure in the chip will depend on the card operating system.
The following discussion provides an example of how the data can be structured. The MCPA
application static data is divided into four areas:
Area 1: Application Control Data
This data consists of data elements that control the MCPA application program. This data
includes the command table used to verify the commands, and control vectors pointing to code
modules. The data in this area does not need to be altered, either when the application data is
configured, or at any subsequent time.
Area 2: Symmetric/Asymmetric Key Data
The MCPA application program uses key-related data to generate cryptograms. The
cryptograms are used by the:
• application to verify the input data
• issuer to verify the transaction data
• terminal to authenticate the application
Examples: Cryptogram DEA Key, MAC DEA Key, PIN DEA Key, ICC Asymmetric Secret
Key Data, Hash Algorithm Indicator, ICC Dynamic Data Length.

August 1998
4-1
Example of Data Structure
4.1 Overview
Area 3: Application Operational Data
These data elements indicate the status of the application, and define the operation of the
application. The terminal accesses the data issuing GET DATA or GET PROCESSING
OPTIONS commands.
Examples: Application Status, PIN Lock Status, PIN Installed Status, AIP, AFL, Application
Default Action, Lower/Upper Consecutive Offline Limits, and Lower/Upper
Cumulative Domestic Offline Transaction Amounts.
+ Area 3 also includes a Record Table used by the READ RECORD command to
access data in Area 4. Each record in the table includes SFI, Record Number,
and Address of Record Start, Length of Record. The entry for the PSE must use
a separate SFI.
Area 4: Issuer Data
The issuer supplies this data, which is required by the application and the terminal. The variable
length data elements are stored in TLV format.
The Issuer Data is held in a single file with SFI = 1. The size of each record is variable, but is
limited by the size of the chip card’s output buffer. The terminal accesses this data issuing a
READ RECORD command.
The initial record must contain the Track 2 Equivalent Data and the Cardholder Name. The
record may contain other data elements. The second record contains the data elements that are
used to check the SDA signature. The order of subsequent data elements/records is not
significant.
Examples: Application PAN, Expiration Date, Application Version No., CDOL1, CDOL2,
Data required for SDA or DDA, CVM List, Issuer Action Codes, Application
Currency Code, Application Usage Control, Issuer Country Code etc.
The PSE Directory (DIR) File would include AID, Application Label, Application Preferred
Name, and Application Priority Indicator.

August 1998
4-2
Private Class Tags
5.1 Overview
5.1 OVERVIEW
Most of the data elements described in section 3 have tags that have been allocated in
EMV96ICC. These MCPA tags ensure interoperability of MCPA transactions, and are used
during transactions.
The data elements not used during an EMV transaction do not have MCPA allocated tags.
Since many issuers will want to present the data in their personalization input files in Tag-
Length-Value (TLV) format2, the following Private Class tags have been allocated. The use of
these tags is optional. MasterCard included this list of tags to reduce the number of ad hoc and
incompatible tag allocations by Issuers and Personalization bureaus.
Reference Description Tag

3.3.1 Application Default Action ‘DF00’
3.3.10 Reference PIN ‘DF01’
3.3.11 SDA Tags for Signing ‘DF02’
3.5.2 PIN Try Limit ‘DF03’
3.8.2 Hash Algorithm Indicator ‘DF04’
3.8.3 ICC Dynamic Data Length ‘DF05’
3.9.1 Cryptogram Version Number ‘DF06’
3.9.2 Derivation Key Index ‘DF07’
3.10.2 Cryptogram DEA Key ‘DF0B’
3.10.3 ICC Asymmetric Secret Key Data ‘DF0C’
3.10.7 MAC DEA Key ‘DF0D’
3.10.8 PIN DEA Key ‘DF0E’
2 For a description of TLV coding see EMV96ICC, Annex C— Data Objects

August 1998
5-1
Glossary
Overview
OVERVIEW
This section defines various terms, concepts, acronyms, and abbreviations that are used
throughout the Business Functional Requirements for Debit and Credit on Chip manual. These
terms and definitions appear for convenience only and are not intended to serve, nor should
serve, as definitions for any legal or technical purpose. MasterCard specifically reserves the
right to add to, delete from, or otherwise change any term appearing herein and specifically
cautions members and agents therefor not to rely upon any term appearing herein for any legal or
technical purpose.
TERMS
AAC
See application authentication cryptogram.
AC
See application cryptogram.
account number
A unique sequence of numbers assigned to a card account that identifies the issuer and type of
financial transaction card.
acquirer
A member that maintains the merchant relationship and acquires the data relating to a transaction
from the merchant or card acceptor.
ADF
See application definition file.
AFL
See application file locator.
AID
See application identifier.
AIP
See application interchange profile.
application
The protocol between the card and the terminal and its related set of data.

August 1998
Glossary-1
Glossary
Terms
application authentication cryptogram (AAC)

A value computed by the ICC for a declined transaction, not for online authorization.
application cryptogram (AC)

A cryptogram returned by an IC card to a terminal in response to a GENERATE AC command.
The GENERATE AC is issued by the terminal to request an IC card decision to either: accept,
decline, or go online. This command also communicates terminal resident information to the IC
card, which is used in this decision process.
application currency code

Indicates the currency in which the account is managed according to ISO 4217.
application definition file (ADF)

The ADF provides the entry point to one or more application elementary files (AEFs). The ADF
identifies an application and contains important data used by the terminal during the application
selection process. The ADF tree structure:
• Enables the attachment of data files to an application.

• Ensures the separation between applications.
• Allows access to the logical structure of an application by ADF selection.
application effective date

The date from which the application can be used.
application elementary file (AEF)

Set of data units or records that share the same file identifier. It cannot be the parent of another
file. An AEF in the range1–10, contains one or more primitive Basic Encoding Rules— Tag
Length Value (BER-TLV) data objects grouped into constructed BER-TLV data objects
(records).
application expiration date

The date after which, the application expires. In other words, the last day on which the
application may be used.
application file locator (AFL)

The Application File Locator contains data associated with the selected application and identifies
the files and records to be used for processing a transaction.
Personalization Data Specifications © 1998 MasterCard International Incorporated

August 1998
Glossary-2
Glossary
Terms
application identifier (AID)

A numbering system and registration procedure for identifying specific companies and their
chip-based products, as defined by ISO/IEC 7816-5. The Application Identifier is comprised of
two components: the Registered Application Identifier or “RID” and the Proprietary Application
Identifier Extension or PIX.
application interchange profile (AIP)

Specifies the application functions that are supported by the IC card. The terminal attempts to
execute only those functions that the IC card supports.
application label
Mnemonic associated with the AID according to ISO/IEC 7816-5. This field is up to 16
characters in length. The application label allows for global interoperability, but the application
preferred name, if available, overrides the application label. See Application Preferred Name.
application preferred name

Preferred mnemonic associated with the AID, as specified by the issuer. This field is up to 16
characters in length. The application preferred name, if available, overrides the application label.
See Application Label.
application reference currency

1-4 currency codes to be used between the terminal and the ICC in cases where the terminal
currency code is different from the application currency code. Each code is 3 digits in
accordance with ISO 4217.
application transaction counter (ATC)

Counter maintained by the application in the ICC (incrementing the ATC is managed by the
ICC).
application version number

Version number assigned by the payment system for the application.
ARPC
See authorization response cryptogram.
ARQC
See authorization request cryptogram.
ATC
See application transaction counter.

August 1998
Glossary-3
Glossary
Terms
ATM
See Automated Teller Machine.
authorization
Approval of a transaction by or on behalf of an issuer according to defined operations
regulations. The merchant receives, via telephone or authorization terminal, this approval to
process the transaction.
authorization request cryptogram (ARQC)

A value computed by the ICC for online application authentication.
authorization response cryptogram (ARPC)

A value that defines the disposition of a message.
automated teller machine (ATM)

An unattended, chip or magnetic stripe reading terminal that dispenses cash, accepts deposits and
loan payments, and enables a bank customer to order transfers among accounts and make
account inquiries.
binary character(s) (b)

A computer format that uses a series of bits to store numeric values in which all values from
hexadecimal ‘00’to hexadecimal ‘FF’are acceptable.
byte
A single unit of information, such as a letter, number, or other character. A byte is made up of
eight bits. Through arrangement of the bits 0 and 1 values, the byte may express any of 256
characters.
CAM
See card authentication method.
card
A rectangular plastic medium used to carry information relating to its issuer and user. A credit
card, charge card, bankcard, ATM/debit card, or the account associated with any such card that is
issued by a licensee of the Associations. By incorporating multiple payment options on one
card, members can offer value-added services to their cardholders.

August 1998
Glossary-4
Glossary
Terms
card authentication method (CAM)

The process to determine if a card is genuine.
In MasterCard Cash, offline authentication occurs when information is exchanged between the
processor on the chip card and the POI terminal to determine card validity; online authentication
occurs when information is exchanged between the processor on the chip card and the issuer's
host system.
card risk management data object list 1 (CDOL1)

List of data objects (tag and length) to be passed to the ICC in the first generated application
cryptogram command.
card risk management data object list 2 (CDOL2)

List of data objects (tag and length) to be passed to the ICC in the second generated application
cryptogram command.
card validation code (CVC)

A two-part card security feature. CVC 1 is a 3-digit code encoded on track 1 and track 2 in three
contiguous positions in the "discretionary data" field of a magnetic stripe on a MasterCard card.
CVC 2 differs from CVC1 and is indent printed into the secure signature panel on the card. The
CVC is intended to inhibit the alteration of card data and enhance the authentication of the card.
card verification results (CVR)

Proprietary data element used by the card to store the results of card risk management. This data
can be communicated to the issuer.
cardholder
The authorized user of a card issued by a licensed member.
cardholder activated terminal (CAT)

A customer-activated chip or magnetic stripe reading terminal, (usually unattended), that
dispenses a product or provides a service, and that is an Automated Dispensing Machine/Level 1,
Self-Service Terminal/Level 2, Limited Amount Terminal/Level 3, or In-Flight Commerce
Terminal/Level 4 in accordance with MasterCard rules.
cardholder verification method (CVM)

A system and/or technology used to verify the authenticity of the cardholder (i.e., use of a PIN).
CAT
See cardholder activated terminal.

August 1998
Glossary-5
Glossary
Terms
CDOL1
See card risk management data object list 1.
CDOL2
See card risk management data object list 2.
certificate
A code usually generated via cryptography, which represents several pieces of information about
a transaction, such as the amount, card issuer number, terminal identifier, etc. The certificate,
instead of the simple amount of the transaction, is transmitted from the card to the terminal,
making it difficult for counterfeiters or unscrupulous merchants to defraud the system. If fraud is
suspected in the system, the certificate provides the audit trail.
certification authority
Trusted third party that establishes a proof that links a public key and other relevant information
to its owner.
chip
A small square of thin, semiconductor material that has been chemically processed to have a
specific set of electrical characteristics such as circuits, storage, and/or logic elements. The
microprocessor chip has an operating memory, a programming memory, and a data memory that
allows internal processing to take place and provides additional storage capacity.
chip card
A plastic card into which one or more integrated circuits are inserted. The chip card conforms to
all ISO standards.
Cirrus
Cirrus System Incorporated, a wholly owned subsidiary of MasterCard International
Incorporated, operates the international ATM sharing association known as the "Cirrus® ATM
Network."
clearing
The process of exchanging financial transaction details between an acquirer and an issuer to
facilitate posting of a cardholder's account and reconciliation of a customer's settlement position.
closed system
A card system, involving a single card issuer that can be used to access services or purchase
products at a single or multiple service providers. The opposite of an Open System.

August 1998
Glossary-6
Glossary
Terms
command
A message sent by the terminal to the ICC that initiates an action and solicits a response from the
ICC.
compressed numeric characters (cn)

Numeric data that is left justified and padded with trailing ‘FF’characters.
cn
See compressed numeric characters.
credit card
A plastic card bearing an account number assigned to a cardholder with a credit limit that can be
used to purchase goods and services, and to obtain cash disbursements on credit, for which a
cardholder is subsequently billed by an issuer for repayment of the credit extended at once or on
an installment basis.
cryptogram
The output from the process of transforming cleartext into ciphertext for security or privacy.
CVC
See card validation code.
CVM
See cardholder verification method.
CVV
See card verification value.
data encryption algorithm (DEA)

A cryptographic algorithm adopted by the National Bureau of Standards for data security.
Encryption scrambles PINs (personal identification numbers) and transaction data for safe
transmission.
data encryption standard (DES)

An encryption standard approved for secure messaging and is defined in ISO 8731-1, ISO 8372,
and ISO/IEC 10116.
DDOL
See Dynamic Data Authentication Data Object List.

August 1998
Glossary-7
Glossary
Terms
debit card
A plastic card used to initiate a debit transaction. In general, these transactions are used
primarily to purchase goods and services and to obtain cash, for which the cardholder's asset
account is debited by the issuer.
DEA
See data encryption algorithm.
DES
See data encryption standard.
digital signature
An asymmetric cryptographic transformation of data that allows the recipient of the data to prove
the origin and integrity of the data, and protect the sender and the recipient of the data against
forgery by third parties, and the sender against forgery by the recipient.
Dynamic Data Authentication Data Object List (DDOL)

List of data objects (tag and length) to be passed to the ICC in the internal Authenticate
Command.
embossing
Characters raised in relief from the front surface of a card.
EMV
Europay International S.A., MasterCard International Incorporated, and Visa International
Service Association.
encryption
The technique of modifying a known bit stream on a transmission line so that it appears to be a
random sequence of bits to an unauthorized observer. It often is done automatically in the
terminal or computer before data is transmitted.
function
A process accomplished by one or more commands and resultant actions that are used to perform
all or part of a transaction.
GENERATE AC (command)
The command, GENERATE AC, stands for “to generate an application cryptogram”. This
command is issued by the terminal and used when exchanging risk management data between
the terminal and the IC card. The IC card’s response communicates to the terminal the IC card
decision to either: accept, decline, or go online.

August 1998
Glossary-8
Glossary
Terms
hybrid card
A card that contains both a magnetic stripe and a microprocessor chip.
ICC
See Integrated Circuit Card.
IEC
See International Electrotechnical Commission
integrated circuit card (ICC)

An International Organization for Standardization (ISO) standard card with an embedded
integrated circuit chip containing memory and optional logic capability. Also called a smart card
or chip card.
interchange
The exchange of transaction data between acquirers and issuers in accordance with MasterCard
rules.
interchange fee
A fee applied to an interchange transaction, applicable to the two members participating in the
transaction as issuer and acquirer.
International Electrotechnical Commission (IEC)

Formerly known as the International Electromechanical Commission, this group works with the
International Organization for Standardization (ISO) and covers the field of electrical and
electronic engineering, with all other subject areas being attributed to ISO. ISO collaborates
closely with the IEC on all matters of electrotechnical standardization.
International Organization for Standardization (ISO)

An international body that provides standards for financial transactions and telecommunication
messages. ISO works in conjunction with the Consultive Committee for International Telephone
and Telegraph (CCITT) for standards that impact telecommunications. ISO supports specific
technical committees and work groups to promulgate and maintain financial services industry
standards, such as bank identification numbers and merchant category codes.
interoperability
Within the product range of MasterCard International, the brand/product (i.e., MasterCard
credit, Maestro , Cirrus ) should have the same characteristics everywhere as perceived by the
cardholder. The ability of computers, electronic products, and services from different vendors,
manufacturers, associations, and organizations to effectively work together in an open
environment. Also, compliant with the Joint Integrated Circuit Card and Terminal
Specifications For Payment Systems; also known as the EMV ‘96 Specifications.

August 1998
Glossary-9
Glossary
Terms
ISO
See International Organization for Standardization
issuer
Cardholder’s bank or non-bank which has issued a credit, charge, ATM and/or debit card to an
individual or cardholder, receives transaction information from MasterCard International,
reflects transaction and outstanding balance information, and carries consumer loans in the form
of bankcard accounts. The issuer is responsible for: resolving cardholder disputes, handling
cardholder information requests, and processing cardholder refunds, as warranted. The issuer
selects the card risk management parameters and other cardholder specific data and personalizes
this on the chip card. The entity that issues the card, controls the allocation of the areas of
memory to application providers and provides the cardholder information common to all
applications.
issuer country code

Indicates the country of the issuer according to ISO 3166.
key
A sequence of symbols that controls the operation of a cryptographic transformation.
language preference
One to four languages stored in order of preference, each represented by 2 alphabetical
characters according to ISO 639.
LCOL
See lower consecutive offline limit.
LRC
See longitudinal redundancy check.
longitudinal redundancy check (LRC)

A character recorded on a magnetic track and used to check the integrity of data read from the
track (defined in ISO 7811 for ISO standard identification cards).
lower consecutive offline limit (LCOL)

Issuer-specified preference for the maximum number of consecutive offline transactions for a
given ICC application allowed in a terminal with online capability.
MAC
See message authentication code.

August 1998
Glossary-10
Glossary
Terms
magnetic stripe
The magnetically encoded stripe on the bankcard plastic that contains information pertinent to
the cardholder account. The physical and magnetic characteristics of the magnetic stripe are
specified in ISO Standards 7810, 7811, and 7813.
MasterCard Chip Payment Application (MCPA™ )

The payment application loaded on a chip card operating system that provides the capability to
process MasterCard, Maestro, and Cirrus transactions.
MCC
See merchant category code.
MCPA™
See MasterCard Chip Payment Application.
merchant
A retailer, or any other person, firm, or corporation that (pursuant to a merchant agreement)
agrees to accept card products, when properly presented.
merchant category code (MCC)

Four-digit classification codes used in authorization, clearing, and other transactions or reports to
identify the type of merchant.
message
A set of data elements used to exchange information between institutions (or their agents). No
communications (header, trailer, protocol, or character code) or security implications are
assumed or identified.
message authentication code (MAC)

A symmetric cryptographic transformation of data that protects the sender and the recipient of
the data, against forgery by third parties.
offline
An operating mode in which terminals or ATMs are not connected to a central computer source.
Responses are governed by the parameters or guidelines set within the terminal or supporting
device as defined by the issuer. The accessibility of information is not in a live environment,
meaning that current active files are not being viewed during the time the transaction is
conducted.

August 1998
Glossary-11
Glossary
Terms
online
An operating mode in which terminals or ATMs are connected to a central computer system and
have access to the database for authorization, inquiry, and file changes. Live files are accessed
for each transaction.
PAN
See primary account number.
personal identification number (PIN)

A four- to 12-character secret alphanumeric code that enables an issuer to positively authenticate
the cardholder for the purpose of approving an ATM or terminal transaction occurring at a point-
of-interaction device.
personalization
Personalization is the process whereby the issuer defines parameters that are programmed in the
memory within the chip during card production to manage risk and tailor the product on an
individual or segmented cardholder basis. The POI terminal through a dialogue with the chip
automatically executes the issuer specified pre-programmed parameters set forth. Hence, the
card issuer can exercise control over their card.
PIN
See Personal Identification Number.
PIN verification
A procedure that enables the issuer to validate the cardholder identity when making a
comparison with the PIN and cardholder account number.
POI
See point of interaction.
point of interaction (POI)

The location at which a transaction occurs. Also referred to a point of sale (POS) or point of
service.
primary account number (PAN)

The number that is embossed, encoded, or both, on a MasterCard card that identifies the issuer
and the particular cardholder account. The PAN consists of a major industry identifier, issuer
identifier, individual account identifier, and check digit.
private key
In public-key cryptography, the half of a public-key/private-key pair that is known only to the
encoder that resides on the user's system.

August 1998
Glossary-12
Glossary
Terms
processor
An organization that is connected with MasterCard International Incorporated and provides
authorization and/or clearing and settlement services on behalf of a member.
public key
In public-key cryptography, the half of a public-key/private-key pair that is known to the public
and can be used to decrypt messages that were encoded by the corresponding private key.
public key certificate

The public key information of an entity signed by the Certification Authority and thereby cannot
be forged.
response
A message returned by the ICC to the terminal after the processing of a command message
received by the ICC.
registered identifier (RID)

The first five bytes of the Application Identifier (AID) as assigned according to ISO/IEC 7816-5.
This code identifies the specific company that provides the chip-based product. For MasterCard,
the code is ‘A000000004’.
RID
See registered identifier.
rules
Refers to the “international operating regulations” inclusive of standards set for the brand
established by MasterCard International.
script
A command or a string of commands transmitted by the issuer to the terminal for the purpose of
being sent serially to the ICC as commands.
SDA
See static data authentication.
secret key
A key used with symmetric cryptographic techniques and usable only by a set of specified
entities.

August 1998
Glossary-13
Glossary
Terms
secure hash algorithm-1 (SHA-1)

A one-way cryptographic function which takes a message of less than 264 bits in length and
produces a 160-bit message digest. A message digest is a value generated for a message or
document that is unique to that message, and is sometimes referred to as a fingerprint” of that
message or data. Once a message digest is computed, any subsequent change to the original data
will, with a very high probability, cause a change in the message digest, and the signature will
fail to verify. This process is used by MasterCard to compress large data strings to a 20-byte
length which is used in a cryptographic process. The reduced data length relieves computational
requirements for data encryption. SHA-1 provides greater security than the original Secure Hash
Algorithm (SHA), which had security flaws.
service code
The service code is a three digit value on the magnetic stripe (i.e., tracks 1 and 2) and chip of a
bankcard which gives instructions to the terminal about the conditions under which the card may
be used. Service codes are defined by ISO.
SFI
See short file identifier.
SHA-1
See secure hash algorithm-1.
short file identifier (SFI)

A data object used as an abbreviated file identifier. It is a binary field with the three high order
bits set to zero.
static data authentication (SDA)

Authentication of an IC card as a result of interaction between a hybrid card acceptance device
and a chip card, without online contact to the issuer. The card is passive and the terminal is
active: the terminal verifies the card’s fixed cryptographic signature.
tag length value (TLV)

Standardized structure defined by ISO to identify and define data within the IC Card where:
Tag: Data object identifier

Length: Length expressed in bytes
Value: Actual data identified by the tag
terminal
A device that allows a user to send data to, receive data from, and invoke functions of a remote
computer system.

August 1998
Glossary-14
Glossary
Terms
terminal country code

Indicates the country of the terminal, represented according to ISO 3166
terminal verification results

Status of the different functions as seen from the terminal.
TLV
See tag length value.
transaction counter
A transaction counter controls the number of transactions that can be processed offline before an
online request for authorization is initiated (often referred to as a “1 in N” parameter). This is an
issuer-defined parameter.
UCOL
See upper consecutive offline limit.
upper consecutive offline limit (UCOL)

Issuer-specified preference for the maximum number of consecutive offline transactions for a
given ICC application allowed in a terminal without online capability.

August 1998
Glossary-15

Personalization Data Specifications: For Debit and Credit On Chip

Загружено:

Сведения о документе

Исходное описание:

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Personalization Data Specifications: For Debit and Credit On Chip

Загружено:

Авторское право:

Доступные форматы

PERSONALIZATION DATA

© MasterCard International Incorporated

This material may not be duplicated, published, or disclosed, in

Trademarks: All products, names, and services are trademarks or registered

Personalization Data Specification © 1998 MasterCard International Incorporated

ABBREVIATIONS AND NOTATIONS

SECTION 1 OBJECTIVE AND SCOPE

1.1 Purpose .............................................................................. 1-1

2.1 Related Information ........................................................... 2-1

SECTION 3 PERSONALIZATION DATA ELEMENTS

3.1 Organization ...................................................................... 3-1