Implementing American Express EMV Acceptance on a Terminal

EMV Tools
American Express Integrated Circuit Card Payment Specification (AEIPS)

The policies, procedures, and rules in this manual are subject to change from time to time by American Express.

Copyright © 2007 by American Express Travel Related Services Company, Inc. All rights reserved. No part of this document may be reproduced in any form or by any electronic or mechanical means, including information storage and retrieval systems, without the express prior written consent of American Express Travel Related Services Company, Inc. EMV is a trademark of EMVCo, LLC. PCI Security Standards Council is a trademark of PCI Security Standards Council, LLC. All other trademarks and brands are the property of their respective owners.

CONTENTS

SECTION 1: INTRODUCTION ... 4
1.1. Overview ... 4
1.2. How to Use This Guide ... 4
1.3. Reference Documents ... 4
1.4. Requirement Notation ... 5
SECTION 2: EMV SPECIFICATIONS ... 6
2.1. Industry Specifications ... 6
2.2. AEIPS: American Express Integrated Circuit Card Payment Specification ... 6
SECTION 3: TERMINAL REQUIREMENTS BY EMV TRANSACTION STEP ... 7
3.1. Introduction ... 7
3.2. EMV Transaction Steps ... 8
Step 1: Application Selection ... 8
Step 2: Initiate Application Processing ... 9
Step 3: Read Application Data ... 9
Step 4: Offline Data Authentication ... 9
Step 5: Processing Restrictions ... 10
Step 6: Cardholder Verification ... 10
Step 7: Terminal Risk Management ... 12
Step 8: 1st Terminal Action Analysis ... 12
Step 9: 1st Card Action Analysis ... 12
Step 10: Online Transaction Processing ... 13
Step 11: Issuer Authentication ... 14
Step 12: 2nd Terminal Action Analysis ... 15
Step 13: 2nd Card Action Analysis ... 15
Step 14: Issuer Script Processing ... 15
Step 15: Transaction Completion ... 17
October 2007 ■ 1
SECTION 4: SPECIAL TRANSACTION PROCESSING ... 21
4.1. AEIPS Requirements During Technical Scenarios ... 21
4.1.1. Fallback ... 21
4.1.2. Premature Card Removal ... 22
4.1.3. Referral Transactions ... 22
4.1.4. Declined Transactions ... 23
4.1.5. Stand-In Authorization ... 23
4.1.6. Reversals ... 25
4.2. AEIPS Requirements During Situational Scenarios ... 26
4.2.1. Refunds ... 26
4.2.2. Card Not Present ... 27
4.2.3. Card Not Yet Present ... 27
4.2.4. Transaction Amount Not Yet Known ... 27
4.2.5. Card No Longer Present ... 28
4.2.6. Card Re-Presented for Final Charge ... 28
4.2.7. Adding a Gratuity ... 29
4.3. AEIPS Requirements for Unattended Payment Terminal (UPT) Scenarios ... 29
4.3.1. Cardholder Verification on UPTs ... 29
4.3.2. Fallback on UPTs ... 29
4.3.3. Online Capability with UPTs ... 30
SECTION 5: AEIPS TERMINAL CERTIFICATION ... 31
5.1. Introduction ... 31
5.2. How to Perform AEIPS Terminal Certification ... 32
5.3. AEIPS Terminal Certification Test Plan [AEIPS-TEST] ... 33
5.4. Setting Up the Terminal Prior to AEIPS Terminal Certification ... 34
5.4.1. Additional Parameters and Requirements for Stand-In Certification ... 35
5.4.2. Mandatory Data for Diagnostics ... 35
5.4.3. Connectivity Test ... 35
5.5. Completing the AEIPS Test Plan ... 35
5.5.1. Documentation ... 35
5.5.2. TVR and TSI Setting Requirements ... 36
5.6. Overview of AEIPS Terminal Certification Tests ... 36
5.6.1. Mandatory Tests ... 37
5.6.2. Tests That Are Based on the Terminal’s Functionality ... 41
5.6.3. Tests That Are Performed When There Are Communication Changes ... 45
SECTION 6: MERCHANT EDUCATION ... 46
6.1. Guidance for a Successful Training Program ... 46
APPENDIX A: CAPK INFORMATION ... 47
APPENDIX B: DISPLAYABLE MESSAGES ... 50
APPENDIX C: GLOSSARY AND ACRONYMS ... 53

SECTION 1: INTRODUCTION

1.1. Overview

This guide is designed to assist you (the Terminal Vendor, Merchant, Reseller, or Third Party Processor) with implementing American Express EMV acceptance on a Terminal, using the American Express Integrated Circuit Card Payment Specification (AEIPS).
This guide assumes that you have a basic understanding of EMV. By studying the guide and reference documents, you will gain a sound understanding of the requirements, policies, and procedures—as well as configuration options—which apply specifically to American Express. You will also find helpful hints, in the form of “Best Practices,” to aid you in understanding how best to implement American Express EMV acceptance.

This guide details only the American Express-specific requirements and configurable options for implementing EMV technology. Unless otherwise detailed within the document, process transactions as described within the EMVCo specifications. Additionally, this guide outlines only the globally-standard requirements for implementing AEIPS; there may be additional country-specific or Acquirer-specific requirements. To learn more about EMV implementation, please contact your Acquirer or American Express Representative, or visit the EMVCo website (www.emvco.com).

1.2. How to Use This Guide

While this guide is not a definitive technical specification, it provides a roadmap to a more thorough understanding of American Express EMV implementation. You will find additional support in the technical reference documents cited in section 1.3. For your convenience, a “Glossary and Acronyms” section is also included at the end of this document, which you can refer to as you encounter unfamiliar terms, acronyms, or phrases. Words that are defined in the glossary are capitalized when used in this guide.

1.3. Reference Documents

All documents that are referred to within this guide are listed in Table 1, and are referenced using the abbreviations provided. This is not an exhaustive list of available documents; please contact your American Express Representative to learn about the additional reference documents that are available.
Table 1: Reference Documents

Abbreviation | Full Document Name | Source
[AEIPS-TEST] | AEIPS Test Plan v5.2, American Express | Please contact your American Express Representative
[AEIPS-TERM] | AEIPS Terminal Specification (AEIPS 4.1), American Express | Please contact your American Express Representative
[AEIPS-CARD] | AEIPS Chip Card Specification (AEIPS 4.1), American Express | Please contact your American Express Representative
[ISO-9564] | Banking — Personal Identification Number (PIN) Management and Security | www.iso.org
[ISO-11568] | Banking — Key Management (Retail) | www.iso.org
[ISO-11770] | Information Technology — Security Techniques — Key Management | www.iso.org
[ISO-13492] | Banking — Key Management Related Data Element (Retail) | www.iso.org
[ISO-15782] | Certificate Management for Financial Services | www.iso.org
[ISO-15408] | Information Technology — Security Techniques — Evaluation Criteria for IT Security | www.iso.org
[ISO-7813] | Identification Cards — Financial Transaction Cards | www.iso.org

1.4. Requirement Notation

Throughout this guide, attention is drawn to requirements within the text by using bold and italics on key words as follows:

• Mandatory requirements are highlighted through the use of the words must, shall, mandatory, or mandate(s).
• Optional recommendations are highlighted through the use of the words should, optional, or recommend(s).

This guide seeks to highlight only requirements above and beyond those that are mandatory in the EMV specifications, as well as options that may be set by the Payment Brands.

SECTION 2: EMV SPECIFICATIONS

2.1. Industry Specifications

For the purposes of this document, “EMV” is used to describe a set of Chip Card specifications administered by EMVCo.
These specifications facilitate an interoperable framework in which Chip Card-based payment transactions can be processed globally. The EMV specifications allow Payment Brands and Issuers the flexibility to customize specific requirements with regard to security, risk management, and Cardholder Verification, in order to best meet their own objectives.

The EMV specifications apply to virtually every aspect of the Chip Card, including:

• physical characteristics;
• the electronic interface between the Chip Card and Terminal;
• determination of protocols for data communication between a Chip Card and a Terminal; and
• payment application features.

EMVCo details and manages Terminal type approval to ensure compliance with the specifications. The Payment Brands set their own requirements for EMV implementation and define the testing processes to certify against these requirements. Banking industry associations in certain countries may also set local requirements. These tend to be related to national rollouts, in order to ensure there is a consistent approach in a country (e.g., by specifying common requirements for the usage of PIN).

2.2. AEIPS: American Express Integrated Circuit Card Payment Specification

The EMV specifications contain many implementation options that the Payment Brands clarify within their individual specifications. To enable the most effective usage of EMV technology, American Express has produced AEIPS. We have divided AEIPS into two separate specifications:

• AEIPS Chip Card Specification [AEIPS-CARD], which defines the technical data elements and functionality when implementing EMV-compliant Chip Cards.
• AEIPS Terminal Specification [AEIPS-TERM], which outlines the Terminal functionality required to process American Express EMV transactions.

BEST PRACTICE: It is recommended that you read both the AEIPS Chip Card Specification and the AEIPS Terminal Specification to fully understand how to implement American Express EMV.
As AEIPS is built on the EMVCo specifications, there are no technical differences between implementing EMV for American Express and implementing it for the other Payment Brands. The only differences that exist are configuration options that American Express has specified based on the EMVCo specifications. Just as American Express has configuration differences from other Payment Brands, similar configuration differences exist among the other Payment Brands as well. Therefore, you can implement American Express EMV as easily as you implement the other Payment Brands. This affords you several benefits, including meeting the requirements of all the Payment Brands at once, saving the effort of adding AEIPS after EMV migration is already underway, and ensuring the satisfaction of potential customers.

SECTION 3: TERMINAL REQUIREMENTS BY EMV TRANSACTION STEP

3.1. Introduction

This section examines each step of an EMV transaction. As shown in Figure 1, American Express is interoperable with the EMV specifications and also aligns very closely with the other Payment Brands. There are only four steps within the EMV transaction process flow in which American Express has configuration differences from the industry.

Figure 1: Process Flow for an EMV Transaction
(The figure runs from “insert card” through the 15 steps below to “remove card”. Each step is marked either “same as industry” or “configuration differences”; the four steps with configuration differences are annotated after the list. A branch labelled “offline transaction / unable to go online” covers transactions that do not complete Online processing.)

1. Application Selection (configuration differences)
2. Initiate Application Processing
3. Read Application Data
4. Offline Data Authentication
5. Processing Restrictions
6. Cardholder Verification
7. Terminal Risk Management (configuration differences)
8. 1st Terminal Action Analysis (configuration differences)
9. 1st Card Action Analysis
10. Online Transaction Processing (configuration differences)
11. Issuer Authentication
12. 2nd Terminal Action Analysis
13. 2nd Card Action Analysis
14. Issuer Script Processing
15. Transaction Completion

Application Selection: The EMV specifications allow for both complete and partial Application Identifier selection, and each Payment Brand has chosen which option to leverage. American Express requires the use of partial Application Identifier selection for all American Express® Cards, so the Application Selection Indicator within the Terminal must be set appropriately.

Terminal Risk Management: Of the several Terminal risk management checks allowed by the EMV specifications, American Express mandates that the Terminal perform Floor Limit checking and random transaction selection. The other checks can be optionally performed by the Terminal.

1st Terminal Action Analysis: There are no technical differences for handling an American Express Card during this step. Like the other Payment Brands, American Express has specific Terminal Action Code values that must be loaded into the Terminal.

Online Transaction Processing: Like the other Payment Brands, American Express has a unique message format, which may vary by country. Therefore, the Terminal, Third Party Processor, or Acquirer will need to ensure that they are able to place the EMV data elements into the appropriate format for each Payment Brand.

3.2. EMV Transaction Steps

Following is a high-level description of each EMV transaction step. For those steps where American Express has configuration differences, our requirements are noted and described in detail. In some steps, there are also additional requirements which cover operational functionality outside of the EMV specifications, e.g., PIN Bypass. These additional requirements are also described in the appropriate steps.
Two symbols identify the steps that have changes exclusive to AEIPS: one indicates that there is a configuration difference specific to AEIPS; the other indicates no customization beyond the standard EMV specifications. (In this text, the corresponding statement opens each step.) A general description of the step appears at the beginning of each section, set off in gray borders.

Step 1: Application Selection
American Express has configuration differences.

When a Chip Card is inserted into a Terminal, the Terminal determines (and may have the option to display) a list of applications supported by both the Chip Card and the Terminal. This is done by matching an Application Identifier (AID) loaded into the Terminal with a similar value loaded in the card.

Application Selection on AEIPS-compliant cards is performed according to the EMV specifications. American Express mandates that Terminals support, and are enabled for, partial name selection by setting the Application Selection Indicator. In partial name selection, the SELECT command is issued with the partial American Express AID loaded in the Terminal, which is composed of the American Express Registered Application Provider Identifier (RID) and the first byte of the Proprietary Application Identifier Extension (PIX). The American Express RID is “A0 00 00 00 25,” and the first byte of the PIX for an AEIPS-compliant payment application is “01.” Therefore, the AID value held within the Terminal for use in partial name selection shall be “A0 00 00 00 25 01.”

If a Chip Card is inserted into a Terminal and no matching applications can be found—i.e., if the Terminal is EMV-enabled but not yet certified, or if it is EMV-enabled for other Payment Brands but not yet for American Express—the transaction must be processed using the magnetic stripe. You must not process the transaction as Fallback (see section 4.1.1. Fallback for the definition).
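The matching rule behind partial name selection, as an added example (not code from the guide or from American Express): only the RID “A0 00 00 00 25” and the PIX first byte “01” come from the text above; the card-side AIDs and the POS data code value for the magnetic-stripe path are constructed for illustration.

```python
# Added example (not from the AEIPS guide): Step 1 candidate-list building with
# partial name selection. Only the RID "A0 00 00 00 25" and the PIX first byte
# "01" come from the guide; card-side AIDs below are constructed test values.
from dataclasses import dataclass

AMEX_RID = bytes.fromhex("A000000025")              # from the guide
AEIPS_PARTIAL_AID = AMEX_RID + bytes.fromhex("01")  # "A0 00 00 00 25 01"


@dataclass(frozen=True)
class TerminalAid:
    aid: bytes
    partial_allowed: bool  # Application Selection Indicator (ASI):
                           # True = partial name selection, False = exact only


def aid_matches(terminal: TerminalAid, card_aid: bytes) -> bool:
    """Match one terminal AID against one card AID.

    An exact match always succeeds. A prefix match (the terminal AID is the
    leading part of the card AID) succeeds only when the ASI allows partial
    name selection, which AEIPS mandates for the American Express entry.
    """
    if card_aid == terminal.aid:
        return True
    return terminal.partial_allowed and card_aid.startswith(terminal.aid)


def candidate_list(terminal_aids, card_aids):
    """Card AIDs supported by both sides, in the card's own order."""
    return [c for c in card_aids if any(aid_matches(t, c) for t in terminal_aids)]


def selection_outcome(terminal_aids, card_aids):
    """Outcome the guide prescribes after matching.

    ("CHIP", candidates) when at least one application matches; otherwise
    ("MAGSTRIPE", []): the transaction is processed from the magnetic stripe
    and must NOT be treated as Fallback.
    """
    matches = candidate_list(terminal_aids, card_aids)
    return ("CHIP", matches) if matches else ("MAGSTRIPE", [])


def pos_card_input_capability(outcome: str) -> str:
    """Position 1 of the POS data code reported for this Payment Brand.

    "5" means ICC-capable. For the magnetic-stripe path the guide requires a
    value other than 5; "2" is a constructed placeholder for that case.
    """
    return "5" if outcome == "CHIP" else "2"


# Constructed card AIDs (RID + PIX); not real issuer values.
CARD_AIDS = [
    AEIPS_PARTIAL_AID + bytes.fromhex("0801"),  # AEIPS application, longer PIX
    bytes.fromhex("A00000000000") + bytes.fromhex("1010"),  # placeholder RID, other brand
]
```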
To enable the transaction to be processed using the magnetic stripe, the Terminal must not perform extended service code checking, i.e., the Terminal should not prompt for card insertion when a service code that starts with a 2 or a 6 is detected. In this case, the POS data codes or similar indicators must indicate that the Terminal did not have chip capability, e.g., Position 1 (card input capability code) ≠ 5 (Integrated Circuit Card [ICC]). To support this, the Terminal must have the ability to set the POS data code based on the Payment Brand.

Step 2: Initiate Application Processing
American Express has the same requirements as the EMV specifications.

When an AEIPS application is selected, the Terminal requests that the Chip Card provide the location of the data to be used for the current transaction and list the functions supported.

Step 3: Read Application Data
American Express has the same requirements as the EMV specifications.

The Terminal reads the necessary data from the locations provided by the Chip Card and uses the list of supported functions to determine which processing to perform. The information required to perform Offline data authentication is found within the data read from the Chip Card during this stage of the transaction.

Step 4: Offline Data Authentication
American Express has the same requirements as the EMV specifications. However, additional requirements that cover operational functionality outside of the EMV specifications are provided.

Offline data authentication validates that the card being used in the transaction is the genuine card that was issued and that the card data has not been altered. There are different types of Offline data authentication. The most common are Static Data Authentication (SDA) and Dynamic Data Authentication (DDA).
The Terminal determines whether it authenticates the Chip Card Offline, using either SDA or DDA, based upon the ability of the Chip Card and Terminal to support these methods. American Express mandates that Terminals support SDA and DDA; however, support of Combined DDA / Application Cryptogram (AC) generation (CDA) is optional.

Certification Authority Public Keys (CAPKs) are required to support Offline data authentication. The lack of the correct CAPKs will lead to Offline data authentication failures and potential transaction declines. Terminals must be capable of storing up to six CAPKs for each Payment Brand. Full details of CAPK expiration dates, required Terminal load dates, earliest Issuer usage dates, and required key removal dates are given in Table 2.

Table 2: CAPK Management Lifecycle

CAPK Length | Expiration Date | Required Date for Acquirers to Load | Earliest Date for Issuers to Use | Required Removal Date at Terminals
1024 | 31 December 2009 | 31 December 2003 | 1 January 2004 | 30 June 2010
1152 | 31 December 2014 | 31 December 2005 | 1 March 2006 | 30 June 2015
1408 | 31 December 2017 or later | 31 December 2006 | 1 January 2007 | six months after expiration
1984 | 31 December 2017 or later | 31 December 2006 | 1 January 2007 | six months after expiration

BEST PRACTICE: American Express, in line with other Payment Brands, reviews the CAPK lifecycle on an annual basis. Therefore, the expiration dates stated in Table 2 may change. American Express recommends that Terminals do not store the expiration date, unless it can be easily updated.

American Express CAPKs are emailed to Terminal Vendors when they contact American Express to start AEIPS Terminal certification. American Express CAPKs are distributed in a fixed format. Both the CAPKs and the fixed format are detailed in Appendix A.

Step 5: Processing Restrictions
American Express has the same requirements as the EMV specifications.

The Terminal performs a number of checks to determine whether or not to allow the transaction, or whether any product-specific geographical (e.g., domestic use only) or service-type restrictions (e.g., cannot be used for cash withdrawal) apply.

Step 6: Cardholder Verification
American Express has the same requirements as the EMV specifications. However, additional requirements that cover functionality outside of the EMV specifications are provided.

Cardholder Verification is used to determine whether the Cardmember is legitimate and whether or not the Chip Card has been lost or stolen. In a typical retail environment, the following Cardholder Verification Methods (CVMs) are supported by the Terminal:

• Offline enciphered PIN
• Offline plaintext PIN
• Signature
• No CVM required

The actual CVM supported on an AEIPS-compliant Chip Card or Terminal will depend on the implementation of EMV within the country.

PIN Requirements. The use of PIN—either plaintext or enciphered—with EMV introduces some new technical and operational requirements. The sections below detail the American Express requirements in relation to PIN.

• American Express mandates that the Terminal be capable of supporting both plaintext and enciphered PIN.
• The Terminal shall display the transaction amount (or an accurate estimate) to the Cardmember before PIN entry.
• PIN Pads should be designed to take into account the requirements of all Cardmembers (e.g., a raised dot on the 5-key to assist partially-sighted Cardmembers, etc.).
• PIN Pads should be placed in locations that can accommodate the requirements of all Cardmembers (e.g., to enable PIN entry from a seated position for wheelchair-bound customers). Also, the Cardmember should be able to see his or her card at all times.
• If a PIN Pad is present, it must comply with EMV, Payment Card Industry Data Security Standard (PCI DSS) PIN Entry Device (PED), and local country requirements. American Express has no minimum requirements for PIN Pads beyond those of EMV, PCI PED, and the local country payment authorities or regulatory bodies.

PIN Input Errors. When the Cardmember encounters problems entering his or her PIN, prompts are necessary to guide the Merchant and Cardmember.

PIN Bypass. PIN Bypass is an option to aid the customer experience during the implementation of PIN. It can be leveraged when the Cardmember cannot remember his or her PIN or may temporarily be unable to enter the PIN. In this case, the Merchant may have the option to “bypass” PIN entry and enable the chip and Terminal to process the next CVM, which is likely to be signature.

PIN Bypass shall be able to be performed only if all of the following requirements are met:

• the Terminal is attended;
• the Terminal is configured to provide PIN Bypass;
• the Merchant and Acquirer agree to support it; and
• the Chip Card’s CVM list allows another CVM to be performed, and the Terminal can support this CVM.

When PIN Bypass is used, the TVR shall record that “PIN was required, PIN Pad present and working, but PIN not entered (Byte 3 Bit 4).”

BEST PRACTICE: American Express recommends making PIN Bypass functionality a configurable option within the Terminal so that the functionality can be disabled when appropriate, e.g., when a country has reached PIN maturity.

Important Note: PIN Bypass reduces both the fraud mitigation and operational benefits of using PIN, and therefore is functionality that should only be used during the transition to PIN as the standard CVM. It is also important to note that Issuers will be likely to decline PIN Bypass transactions as they appear more risky than PIN-based transactions.
AEIPS-Specific Requirements for PIN Input Errors

When a card is presented to a Terminal and the PIN try counter = 1—i.e., there is one PIN attempt remaining—the Terminal should produce a suitable prompt to inform both the Merchant and the Cardmember of this situation. (For Terminal display messages, see Appendix B.) If the PIN try counter = 0, the Terminal shall continue the transaction, having set the applicable bits in the Terminal Verification Results (TVR) indicating that the PIN try counter has been exceeded.

Step 7: Terminal Risk Management
American Express has configuration differences.

During Terminal risk management, a series of checks based on information provided by the card and the Acquirer is performed. The EMV specifications detail several checks that can be performed as part of Terminal risk management. American Express mandates that Floor Limit checking and random transaction selection be performed; all other checks are optional, based on the Terminal’s configuration. The results of these checks are stored by the Terminal for later use in the TVR.

Step 8: 1st Terminal Action Analysis
American Express has configuration differences.

1st Terminal action analysis compares the results of Offline data authentication, processing restrictions, Cardholder Verification, and Terminal risk management to rules set by the Issuer and American Express. This process determines whether the Terminal requests that the transaction be approved Offline, sent Online for authorization, or declined Offline. The Issuer rules are stored in the Chip Card in fields called Issuer Action Codes (IACs); the American Express rules reside in the Terminal as the Terminal Action Codes (TACs).

The Terminal compares the TVR values stored during Offline processing with the IACs and TACs to determine whether any of the transaction conditions in the TVR indicate that the Terminal should request that the transaction be declined or sent Online. If this is not the case, the Terminal requests that the transaction be approved Offline by the Chip Card.

After determining whether to request that the transaction be approved, declined, or sent Online to the Acquirer, the Terminal requests a Cryptogram from the Chip Card. The type of Cryptogram requested depends on whether the Terminal requires a Transaction Certificate (TC) for an approval, an Authorization Request Cryptogram (ARQC) for a request to go Online, or an Application Authentication Cryptogram (AAC) for a decline.

Like the other Payment Brands, American Express has specific TAC values that must be loaded into Terminals. The TAC values for American Express are detailed in Table 3.

Table 3: American Express TAC values

TAC | Value
Default | C8 00 00 00 00
Online | C8 00 00 00 00
Denial | 00 00 00 00 00

Step 9: 1st Card Action Analysis
American Express has the same requirements as the EMV specifications.

Upon receiving the request from the Terminal, the Chip Card performs the 1st card action analysis. Here, risk management checks are performed by the Chip Card to determine the appropriate response to the Terminal’s request. The Chip Card may overrule the Terminal’s request. For example, the Chip Card could receive a request from the Terminal for an Offline approval, but may return a Cryptogram indicating that either an Online transaction or an Offline decline is required. This is dictated by the Chip Card’s risk management parameters (as set by the Issuer).
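Steps 6 through 8 above, carried through in code as an added example (not code from the guide or from American Express): the TVR bits set by PIN Bypass and by the two mandated Terminal risk management checks, then 1st Terminal action analysis against the Table 3 TAC values. TVR bit positions are the standard EMV Book 3 assignments; the Issuer Action Codes are constructed, not those of any real Issuer.

```python
# Added example (not from the AEIPS guide): TVR bits from Steps 6-7, then the
# Step 8 decision using the American Express TACs of Table 3. TVR positions are
# the EMV Book 3 Annex C1 assignments; IAC values are constructed.

# name -> (TVR byte 1..5, bit 8..1)
TVR_BITS = {
    "offline_da_not_performed": (1, 8),
    "sda_failed":               (1, 7),
    "dda_failed":               (1, 4),
    "pin_try_limit_exceeded":   (3, 6),
    "pin_required_not_entered": (3, 4),  # the PIN Bypass bit named in Step 6
    "exceeds_floor_limit":      (4, 8),
    "random_online_selection":  (4, 5),
}

AMEX_TAC = {                                   # Table 3 of the guide
    "denial":  bytes.fromhex("0000000000"),
    "online":  bytes.fromhex("C800000000"),    # byte 1 bits 8,7,4: no ODA / SDA / DDA failed
    "default": bytes.fromhex("C800000000"),
}
ZERO_IAC = {k: bytes(5) for k in AMEX_TAC}     # constructed: Issuer imposes nothing
SAMPLE_IAC = {                                 # constructed Issuer codes
    "denial":  bytes.fromhex("0000000000"),
    "online":  bytes.fromhex("F860ACF800"),    # byte 3 0xAC includes bit 4 (PIN bypassed)
    "default": bytes.fromhex("F860ACF800"),
}


class TVR:
    """5-byte Terminal Verification Results built up during offline processing."""
    def __init__(self):
        self.value = bytearray(5)

    def set(self, name):
        byte, bit = TVR_BITS[name]
        self.value[byte - 1] |= 1 << (bit - 1)
        return self

    def to_bytes(self):
        return bytes(self.value)


def pin_bypass(tvr, attended, configured, merchant_acquirer_agree, next_cvm_supported):
    """Step 6: PIN Bypass is allowed only when all four conditions in the guide
    hold; on bypass the TVR records byte 3 bit 4 and the next CVM is attempted."""
    if not (attended and configured and merchant_acquirer_agree and next_cvm_supported):
        return False
    tvr.set("pin_required_not_entered")
    return True


def terminal_risk_management(tvr, amount, floor_limit, randomly_selected):
    """Step 7: the two checks AEIPS mandates. `randomly_selected` is the result
    of the Terminal's random-selection draw, performed elsewhere."""
    if amount > floor_limit:
        tvr.set("exceeds_floor_limit")
    if randomly_selected:
        tvr.set("random_online_selection")
    return tvr


def _any_bit(tvr, codes_a, codes_b):
    """True if any TVR bit is also set in (codes_a OR codes_b)."""
    return any(t & (a | b) for t, a, b in zip(tvr, codes_a, codes_b))


def first_terminal_action_analysis(tvr, iac, tac, online_capable=True):
    """Step 8: which cryptogram the Terminal asks the card for."""
    if _any_bit(tvr, iac["denial"], tac["denial"]):
        return "AAC"                             # decline offline
    if online_capable:
        return "ARQC" if _any_bit(tvr, iac["online"], tac["online"]) else "TC"
    return "AAC" if _any_bit(tvr, iac["default"], tac["default"]) else "TC"


def second_terminal_action_analysis_unable_online(tvr, iac, tac):
    """Step 12 path when an ARQC was requested but the Terminal could not go
    Online: the Default codes decide between offline approval and decline."""
    return "AAC" if _any_bit(tvr, iac["default"], tac["default"]) else "TC"


def walkthrough():
    """Constructed transaction: SDA failed, PIN bypassed, amount over floor limit."""
    tvr = TVR().set("sda_failed")
    pin_bypass(tvr, attended=True, configured=True,
               merchant_acquirer_agree=True, next_cvm_supported=True)
    terminal_risk_management(tvr, amount=12000, floor_limit=5000, randomly_selected=False)
    raw = tvr.to_bytes()
    return {
        "tvr": raw.hex().upper(),
        "first": first_terminal_action_analysis(raw, SAMPLE_IAC, AMEX_TAC),
        "if_unable_online": second_terminal_action_analysis_unable_online(raw, SAMPLE_IAC, AMEX_TAC),
    }
```

Note that with the American Express TACs alone, a bypassed PIN does not force the transaction Online; whether it goes Online is decided by the Issuer's IAC-Online, which is why the guide warns that Issuers are likely to decline such transactions.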
The results of this analysis are stored for later use by the Chip Card in the Card Verification Results (CVR).

Step 10: Online Transaction Processing

American Express has configuration differences. If the Chip Card or Terminal determines that the transaction requires an Online authorization (and the Terminal has Online capability), the Terminal transmits an Online authorization message to the Acquirer. If the Chip Card or Terminal determines that the transaction can be completed Offline, the Terminal proceeds with transaction completion (see Step 15).

The message sent to the Acquirer includes the Cryptogram (e.g., ARQC) generated by the Chip Card, the data used to generate the Cryptogram, and indicators showing the Offline processing results, including the TVR and CVR. If the Issuer has successfully validated the Cryptogram provided by the Chip Card, Issuer Authentication Data (IAD) will be included in the authorization response message. This data includes an Issuer-generated Cryptogram called the Authorization Response Cryptogram (ARPC) and an Authorization Response Code (ARC) that conveys the Issuer's decision on the transaction. The response may also include updates for the Chip Card, called Issuer Scripts (see Step 14: Issuer Script Processing).

If a Terminal receives an authorization response that contains valid information regarding the transaction result but does not contain the chip data required to perform Issuer Authentication, this is known as a downgraded transaction (see Step 12: 2nd Terminal Action Analysis). If the transaction is required to be sent Online but the Terminal is unable to do so for technical reasons, the Terminal proceeds to 2nd Terminal action analysis (see Step 12).

Like the other Payment Brands, American Express has a unique message format, which may vary by country.
The following table lists the mandatory and optional data elements for American Express.

Table 4: Mandatory and Optional Data Elements

Mandatory Data Elements

  Authorization Request Message
  • Terminal Capabilities Indicator
  • Card Input Method Indicator
  • Amount, Authorized (Authorization) / Final Transaction Amount (Settlement)
  • Amount, Other
  • Application Interchange Profile
  • Primary Account Number (PAN)
  • PAN Sequence Number
  • Application Transaction Counter
  • ARQC
  • Issuer Application Data
  • Terminal Country Code
  • TVR
  • Transaction Currency Code
  • Transaction Date
  • Transaction Type
  • Unpredictable Number

  Authorization Response Message
  • IAD (this includes the ARPC and the ARC)
  • Issuer Script Data

Optional Additional Data Elements

  Authorization Request Message
  • Fallback Indicator
  • Application Identifier (Terminal)
  • Application Version Number (Terminal)
  • Cryptogram Information Data
  • CVM Results
  • IACs: Denial, Online, and Default

Step 11: Issuer Authentication

American Express has the same requirements as the EMV specifications. If the authorization response contains an ARPC, the Chip Card must perform Issuer authentication by validating the response Cryptogram. Upon receiving an authorization response containing an ARPC, the Terminal submits the ARPC to the Chip Card using the EXTERNAL AUTHENTICATE command. This verifies that the response came from the genuine Issuer, and it prevents criminals from circumventing the Chip Card's security features by simulating Online processing and fraudulently approving a transaction.

Step 12: 2nd Terminal Action Analysis

American Express has the same requirements as the EMV specifications.
There are three distinct scenarios that a Terminal could face at this point in a transaction:

• EMV data received in the authorization response: When the Issuer has successfully authenticated the card and returned the IAD, the Terminal can use either the ARC in the IAD or the authorization response message to determine whether to request that the Chip Card approve or decline the transaction.

• No EMV data received in the authorization response: When the Terminal does not receive any IAD in the response message, it determines whether to request that the Chip Card approve or decline the transaction from the transaction result indicated in the response message from the Acquirer. The Terminal must then populate the ARC (EMV tag "8A") returned to the Chip Card in the 2nd GENERATE AC command as follows:
  - "00" for an approval result (i.e., in ASCII "3030")
  - "02" for a referral result (i.e., in ASCII "3032")
  - "05" for a decline (i.e., in ASCII "3035")

• Terminal was unable to go Online: When the Terminal is unable to go Online, it determines whether to request an Offline approval or an Offline decline from the Chip Card, depending on the TAC (Default) residing in the Terminal and the IAC (Default) read from the Chip Card.

Step 13: 2nd Card Action Analysis

American Express has the same requirements as the EMV specifications. Following the completion of 2nd Terminal action analysis, the Terminal asks the Chip Card to either approve or decline the transaction. The Chip Card then performs its own action analysis and makes the final decision as to whether the transaction is approved or declined. The Chip Card may decline an Issuer-approved transaction based upon the Issuer authentication results and Issuer-encoded parameters in the Chip Card.
The Chip Card generates a Cryptogram of type TC for approved transactions and of type AAC for declined transactions.

Step 14: Issuer Script Processing

American Express has the same requirements as the EMV specifications. However, additional requirements that cover operational functionality outside of the EMV specifications are provided. Within EMV, the Issuer has the ability to send updates to the Chip Card via scripts carried in the authorization response message. An Issuer Script is a collection of card commands constructed and sent by the Issuer for the purpose of updating and managing Chip Cards. American Express' requirements for Issuer Script processing are as follows:

• The Terminal shall process the script whether the transaction was approved or declined. The Terminal passes the commands defined in the script to the Chip Card, either before or after it has returned the final AC, depending on the type of script sent.

• The Terminal shall process Issuer Scripts with the Chip Card irrespective of whether Issuer authentication is successful or the transaction is approved or declined. The Terminal shall not display any message to the Merchant indicating either the end of the transaction or card removal until the Chip Card has processed the script.

• In any authorization response, the Issuer can send multiple scripts. These scripts may contain multiple commands, which shall be processed in the order in which they appear within the script. If the card responds to a command within an Issuer Script indicating success or a warning, the Terminal must continue to process the remaining commands. If the card responds with an error, the Terminal must terminate processing of any remaining commands.

• Terminals shall support the processing of Issuer Scripts during this step of the transaction, as well as in Step 13 before the 2nd GENERATE AC command (i.e., support both tag "72" and tag "71").
The following is an example of a trace of an Issuer Script with multiple commands.

Trace Data
72459F18048000000086158424000210FEBF34F00B7CE770DC61DA847BFB1E59862504DA8E00200000000000000000420141035E031F020000000000000000AC7F4DF1D624A0ED

Table 5: Data Elements in the Issuer Script

  Data Element                                        Description
  72                                                  Script tag
  45H (69D)                                           Length
  9F18                                                Tag
  04H (4D)                                            Tag length
  80000000                                            Script ID
  86                                                  Command tag
  15H (21D)                                           Length
  8424                                                PIN change command
  0002                                                P1 P2
  10H (16D)                                           Length
  FEBF34F00B7CE770                                    Data
  DC61DA847BFB1E59                                    MAC
  86                                                  Command tag
  25H (37D)                                           Length
  04DA                                                Put data command
  8E00                                                CVM list update
  20H (32D)                                           Length
  0000000000000000420141035E031F020000000000000000    Data
  AC7F4DF1D624A0ED                                    MAC

  H = Hexadecimal; D = Decimal representation of the hexadecimal value

The following is an example of a trace of an Issuer Script with a single command.

Trace Data
72179F180400004000860E04DA9F580900C7356286E3779889

Table 6: Data Elements in the Issuer Script

  Data Element          Description
  72                    Script tag
  17H (23D)             Length
  9F18                  Tag
  04H (4D)              Tag length
  00004000              Script ID
  86                    Command tag
  0EH (14D)             Length
  04DA                  Put data command
  9F58                  CVM list update
  09H (9D)              Length
  00                    Data
  C7356286E3779889      MAC

  H = Hexadecimal; D = Decimal representation of the hexadecimal value

Step 15: Transaction Completion

American Express has the same requirements as the EMV specifications. However, additional requirements that cover operational functionality outside of the EMV specifications are provided. The Terminal performs final processing to complete the transaction. It is also at this point in the transaction that, if signature has been determined as the CVM, the receipt is printed and the Cardmember is asked to sign it.

AEIPS Receipt Requirements
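As an added example (not code from the AEIPS guide), the following Python parses the two traces of Tables 5 and 6 into their script ID and C-APDU commands, then runs the Step 14 processing rule: commands go to the card in order, processing continues after a success or warning status, and stops at the first error. The card responses are simulated (constructed), and the Issuer Script Results encoding used for the clearing message (tag 9F5B: high nibble 2 = successful, 1 = failed, low nibble = sequence number of the failing command, followed by the Script ID) is EMV's, not something this guide defines.

```python
"""Parsing and processing Issuer Scripts (tags 71/72, Step 14).

Added example, not code from the AEIPS guide. The two trace values are those printed in
Tables 5 and 6; the card responses are simulated (constructed). The Issuer Script Results
value (tag 9F5B) is built as EMV defines it: result nibble, failing command number, Script ID.
"""
from dataclasses import dataclass
from typing import Callable, List, Tuple


def parse_tlv(buf: bytes) -> List[Tuple[int, bytes]]:
    """Minimal BER-TLV reader: 1- or 2-byte tags, short-form or 81/82 long-form lengths."""
    out, pos = [], 0
    while pos < len(buf):
        tag = buf[pos]; pos += 1
        if tag & 0x1F == 0x1F:                     # two-byte tag, e.g. 9F18
            tag = (tag << 8) | buf[pos]; pos += 1
        length = buf[pos]; pos += 1
        if length & 0x80:                          # long form: 81 xx or 82 xx xx
            n = length & 0x7F
            length = int.from_bytes(buf[pos:pos + n], "big"); pos += n
        out.append((tag, buf[pos:pos + length])); pos += length
    return out


@dataclass
class ScriptCommand:
    cla: int
    ins: int
    p1: int
    p2: int
    data: bytes            # the Lc bytes sent to the card, including the trailing MAC


@dataclass
class IssuerScript:
    tag: int               # 0x71: run before the 2nd GENERATE AC; 0x72: run after it
    script_id: bytes       # tag 9F18 (empty if the Issuer omitted it)
    commands: List[ScriptCommand]


def parse_issuer_script(raw: bytes) -> IssuerScript:
    (tag, body), = parse_tlv(raw)
    if tag not in (0x71, 0x72):
        raise ValueError(f"not an Issuer Script template: {tag:02X}")
    script_id, commands = b"", []
    for t, v in parse_tlv(body):
        if t == 0x9F18:
            script_id = v
        elif t == 0x86:                            # one C-APDU: CLA INS P1 P2 [Lc data]
            lc = v[4] if len(v) > 4 else 0
            commands.append(ScriptCommand(v[0], v[1], v[2], v[3], v[5:5 + lc]))
    return IssuerScript(tag, script_id, commands)


@dataclass
class ScriptOutcome:
    sent: int              # commands actually transmitted to the card
    failed_seq: int        # 0 if every transmitted command succeeded
    results: bytes         # Issuer Script Results (tag 9F5B) for the clearing message


def process_issuer_script(script: IssuerScript,
                          transmit: Callable[[ScriptCommand], int]) -> ScriptOutcome:
    """Send commands in order; continue on success (9000) or warning (62xx/63xx), stop otherwise."""
    sent, failed_seq = 0, 0
    for seq, cmd in enumerate(script.commands, start=1):
        sw = transmit(cmd)
        sent += 1
        if sw == 0x9000 or (sw >> 8) in (0x62, 0x63):
            continue
        failed_seq = seq                           # error: abandon the remaining commands
        break
    result_byte = (0x20 if failed_seq == 0 else 0x10) | min(failed_seq, 0x0F)
    return ScriptOutcome(sent, failed_seq,
                         bytes([result_byte]) + script.script_id.ljust(4, b"\x00")[:4])


# Trace data from Tables 5 and 6
SCRIPT_TWO_COMMANDS = bytes.fromhex(
    "72459F18048000000086158424000210FEBF34F00B7CE770DC61DA847BFB1E59"
    "862504DA8E00200000000000000000420141035E031F020000000000000000AC7F4DF1D624A0ED")
SCRIPT_ONE_COMMAND = bytes.fromhex("72179F180400004000860E04DA9F580900C7356286E3779889")


def card_accepts_all(cmd: ScriptCommand) -> int:       # constructed card: every command succeeds
    return 0x9000


def card_rejects_put_data(cmd: ScriptCommand) -> int:  # constructed card: MAC check fails on PUT DATA
    return 0x6982 if cmd.ins == 0xDA else 0x9000


if __name__ == "__main__":
    script = parse_issuer_script(SCRIPT_TWO_COMMANDS)
    for c in script.commands:
        print(f"{c.cla:02X} {c.ins:02X} {c.p1:02X} {c.p2:02X} Lc={len(c.data)} "
              f"MAC={c.data[-8:].hex().upper()}")
    print(process_issuer_script(script, card_rejects_put_data).results.hex().upper())
```

Against the Table 5 trace, a card that rejects the PUT DATA command leaves the PIN change applied and the CVM List untouched, and the results value 12 80000000 tells the Issuer that the second command of script 80000000 failed; the Terminal still must not announce the end of the transaction until this processing has finished.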
Certain format and data requirements must be met with regard to transaction receipts. These are outlined in the following tables and accompanying text.

Key to the M/P/O/C column in Table 7: M = Mandatory (always needed); P = Preferred (best practice); O = Optional (can be present); C = Conditional (dependent on the situation).

Table 7: Receipt Data

  Field Description                                                        M/P/O/C
  Merchant Number                                                          M*
  Merchant Name                                                            M*
  Merchant Address                                                         M*
  Transaction Type (e.g., Sale, Refund)                                    M*
  PAN                                                                      M* (1)
  Expiration Date of Card (MMYY)                                           M*
  Transaction Data Source (e.g., Swiped, Manual Entry, Chip)               M*
  Date of Transaction                                                      M*
  Terminal Number (Terminal ID)                                            M*
  Transaction Number                                                       M*
  Transaction Response (e.g., Authorization Code)                          M*
  Amount of Transaction (Including Currency Symbol)                        M*
  Request for Signature (Not Required for PIN Transaction)                 C
  Space for Signature (Not Required for PIN Transaction)                   C
  Declaration (e.g., Please Debit My Account)                              M
  Retention Reminder                                                       M
  PIN Statement (Only required for PIN; e.g., PIN Verified, PIN Locked)    C
  AID                                                                      M
  Gratuity Amount                                                          O
  Diagnostic Message                                                       P
  Start Date of Card (MMYY)                                                P
  Time of Transaction                                                      P
  Application Preferred Name                                               C (2)
  Payment Brand Name/Application Label                                     M
  Card Type                                                                O
  Cardmember Name                                                          O (3)
  Courtesy Message                                                         O
  Tax Registration Number                                                  O
  Receipt Number (Not Transaction Number)                                  O
  Goods Amount                                                             O
  Goods Description                                                        O
  Tax Rate                                                                 O
  Exception File Version Number                                            O
  Terminal Software Version Number                                         O
  Cryptogram Type/Value                                                    P

  * Indicates data elements that must be stored electronically during a PIN transaction.

Notes on Table 7

1. The PAN on the Cardmember's receipt must be masked per PCI DSS and local legal requirements.
2. Where the Application Preferred Name is present and the Terminal supports the relevant Issuer code table index, this data element is mandatory.
3. The Cardmember name, if printed, should be printed according to [ISO-7813]. The Cardmember name is received from the chip for an EMV transaction, or from track 1 for a magnetic stripe transaction.

BEST PRACTICE: Printing of a receipt should begin as soon as possible, so that it overlaps with transaction processing. Doing so minimizes the time that the Merchant and Cardmember spend waiting.

AEIPS Receipt Layout Requirements

The only mandatory requirement pertaining to the layout of text on a receipt is that the signature and amount be adjacent to one another. Every effort should also be made to ensure that other information is presented logically and clearly (e.g., place the date and time adjacent to each other, and likewise the masked card number and expiration date).

The receipt layout shown in Figure 2 highlights the additional requirements for a Terminal processing American Express Chip Cards. In the original figure, red text indicates layout requirements specific to EMV.

Figure 2: Receipt Layout Requirements (Merchant copy). The left column is the sample receipt; the right column names the receipt data element each line carries.

  Receipt Layout                                 Receipt Data
  LOGO(S) WHERE APPLICABLE
  RETAIL STORE                                   Merchant Name
  154 EDWARD STREET, BRIGHTON BN2 2LP            Merchant Address
  MERCHANT ID: 999 999 999                       Merchant Number
  TERMINAL ID: 12345                             Terminal Number (Terminal ID)
  BATCH# 0001 ROC# 125                           Transaction Number
  XXXXXXXXXXX1003 - (C)                          Masked PAN and Transaction Data Source: (S) Swiped, (M) Manual Entry or (C) Chip
  AMERICAN EXPRESS EXPIRES 05/12                 Card Type and Expiration Date
  AMEX GOLD                                      Application Label, or Application Preferred Name
  A000000025010001                               Card Application Identifier (AID)
  OCT 19, 07 15:33                               Time and Date of Transaction
  SALE                                           Transaction Type
  RRN: 1234567890                                Receipt Number
  ITEM NAME / DESCRIPTION (OPTIONAL)
  ITEM NAME / DESCRIPTION (OPTIONAL)
  USER ID: 9999 (OPTIONAL)
  BASE £ / TIP £ / TOTAL £ 250.00                Amount of Transaction (Including Currency Symbol); Gratuity Amount
  PIN VERIFIED or X_______________________       PIN Statement, or Space for Signature and Request for Signature
  E SMITH                                        Cardmember Name
  TC - A2E51245C4D7E551                          Cryptogram Type and Value
  AUTHORIZATION CODE: 252525                     Transaction Response, e.g., Authorization Code
  I AGREE TO PAY THE ABOVE TOTAL AMOUNT          Declaration
  ACCORDING TO THE CARD ISSUER AGREEMENT.
  MERCHANT COPY

SECTION 4: SPECIAL TRANSACTION PROCESSING

Despite EMV's significant impact on Terminal hardware and software, the processes involved in handling a standard Cardmember transaction are very similar for magnetic stripe and EMV. However, some transactions occur in unusual scenarios that, with the introduction of EMV, and especially PIN, require special consideration. This section details American Express requirements in such circumstances.

4.1. Technical Scenarios
  4.1.1. Fallback
  4.1.2. Premature Card Removal
  4.1.3. Referral Transactions
  4.1.4. Declined Transactions
  4.1.5. Stand-In Authorization
  4.1.6. Reversals
4.2. Situational Scenarios
  4.2.1. Refunds
  4.2.2. Card Not Present
  4.2.3. Card Not Yet Present
  4.2.4. Transaction Amount Not Yet Known
  4.2.5. Card No Longer Present
  4.2.6. Card Re-Presented For Final Charge
  4.2.7. Adding a Gratuity
4.3. Unattended Payment Terminal Scenarios
  4.3.1. Cardholder Verification on UPTs
  4.3.2. Fallback on UPTs
  4.3.3. Online Capability with UPTs

4.1. AEIPS Requirements During Technical Scenarios

4.1.1. Fallback

When an American Express certified Terminal successfully performs application selection but cannot complete the EMV transaction for technical reasons, the Terminal is allowed to process the transaction using a less secure method (e.g., magnetic stripe); this is known as Fallback. Fallback is allowed only if the technical error occurs before the card responds to the 1st GENERATE AC command. If the error occurs after this step, the transaction must be declined and Fallback is not allowed. Additionally, before Fallback is allowed, multiple attempts to use the chip must be made (i.e., a first attempt and retries). American Express recommends that, in the event of a chip read failure, a Terminal make two further attempts to read the chip before processing the transaction as Fallback. The Terminal should respond to the first and second unsuccessful attempts by displaying a meaningful message (e.g., "INSERT AGAIN"). After the final unsuccessful attempt, the Terminal shall prompt the Merchant to revert to reading the magnetic stripe as the Fallback option (e.g., "PLEASE SWIPE"). If the transaction falls back from EMV, the standard checks performed on any magnetic stripe card must be performed.

Fallback shall not take place if:
• the card is blocked;
• all applications present are blocked;
• the EMV transaction has already been declined; or
• the transaction occurs at an Unattended Payment Terminal (UPT).

Identifying Fallback. The Terminal-to-Acquirer interface shall include an indicator that explicitly identifies Fallback transactions.
There are two ways in which Fallback transactions can be indicated to American Express:

Option 1: Fallback Indicator
• E.g., POS data code position 7 (card data input mode code) = 9 (Fallback)

Option 2: Derived Indicator (Leveraging POS Data Codes)
• Position 1 (card input capability code) = 5 (ICC)
• Position 6 (card present code) = 1 (card present)
• Position 7 (card data input mode code) ≠ 5 (ICC). Some examples of possible values include:
  - 2 (magnetic stripe read)
  - 6 (key entered)
  - S (keyed Four-Digit Card Security Code [4CSC] or Four-Digit Batch Code [4DBC])

BEST PRACTICE: American Express recommends that you apply Option 1, as it identifies Fallback transactions more accurately.

PAN Key Entry. If the transaction cannot be completed by the chip or magnetic stripe, the transaction may be completed with PAN key entry, subject to agreement with the local Acquirer.

4.1.2. Premature Card Removal

In an EMV transaction, the card must remain in the Terminal for the duration of the transaction; if the Cardmember or Merchant removes the card before the Terminal has reached transaction completion, the Terminal shall cancel the transaction. If an authorization has already taken place, the Terminal shall send a reversal message, provided the Acquirer and Terminal support reversals. If it is not possible to send a reversal message, the Terminal shall cancel the transaction, and no settlement data will be sent.

4.1.3. Referral Transactions

As in the current magnetic stripe environment, the Issuer may respond to an authorization request with a referral. Not all Terminals support referrals, in which case the Terminal shall treat a referral response as a decline response.
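The Fallback rules of 4.1.1 above, as an added example that is not code from the AEIPS guide: a small retry state machine that applies the "two further attempts" recommendation and the conditions under which Fallback shall not take place, the zero Floor Limit for Fallback transactions, and the Option 1 / Option 2 indicator checks on a POS data code. The POS data code is treated as a 12-character string indexed by position as in 4.1.1; the sample codes and prompt strings are constructed (the actual display wording is defined in Appendix B).

```python
"""Fallback control for an attended AEIPS Terminal (section 4.1.1) and Fallback
identification in the POS data code.

Added example, not code from the AEIPS guide. Prompt strings and sample POS data codes
are constructed; the POS data code is assumed to be a 12-character string whose
1-based positions are those named in 4.1.1.
"""
from dataclasses import dataclass
from typing import Optional

CHIP_ATTEMPTS = 3           # first attempt plus the two further attempts American Express recommends
FALLBACK_FLOOR_LIMIT = 0    # every Fallback transaction must be authorized Online


@dataclass
class ChipSession:
    attempts: int = 0                    # unsuccessful chip attempts so far
    card_blocked: bool = False
    all_apps_blocked: bool = False
    emv_declined: bool = False           # the card has already returned an AAC
    first_gen_ac_answered: bool = False  # card responded to the 1st GENERATE AC (too late for Fallback)
    unattended: bool = False             # Terminal is a UPT


def fallback_allowed(s: ChipSession) -> bool:
    """Fallback only once the retries are exhausted, only before the 1st GENERATE AC response,
    and never for a blocked card/applications, an already-declined EMV transaction, or a UPT."""
    if s.card_blocked or s.all_apps_blocked or s.emv_declined or s.unattended:
        return False
    if s.first_gen_ac_answered:
        return False
    return s.attempts >= CHIP_ATTEMPTS


def chip_read_failed(s: ChipSession) -> str:
    """Record one unsuccessful chip attempt and return the prompt to show the Merchant."""
    s.attempts += 1
    if s.attempts < CHIP_ATTEMPTS:
        return "INSERT AGAIN"
    return "PLEASE SWIPE" if fallback_allowed(s) else "DECLINED"


def requires_online(amount_minor_units: int, fallback: bool, merchant_floor_limit: int) -> bool:
    """Fallback transactions use a zero Floor Limit; the Merchant's own limit applies otherwise."""
    limit = FALLBACK_FLOOR_LIMIT if fallback else merchant_floor_limit
    return amount_minor_units > limit


# POS data code positions used in 4.1.1 (1-based)
POS_CARD_INPUT_CAPABILITY = 1
POS_CARD_PRESENT = 6
POS_CARD_DATA_INPUT_MODE = 7


def mark_fallback(pos_data_code: str) -> str:
    """Option 1: set the card data input mode code to 9 (Fallback)."""
    i = POS_CARD_DATA_INPUT_MODE - 1
    return pos_data_code[:i] + "9" + pos_data_code[i + 1:]


def fallback_indicator(pos_data_code: str) -> Optional[str]:
    """Return 'option1' or 'option2' if the code identifies a Fallback transaction, else None."""
    p = lambda n: pos_data_code[n - 1]
    if p(POS_CARD_DATA_INPUT_MODE) == "9":
        return "option1"
    if (p(POS_CARD_INPUT_CAPABILITY) == "5" and p(POS_CARD_PRESENT) == "1"
            and p(POS_CARD_DATA_INPUT_MODE) != "5"):
        return "option2"   # chip-capable Terminal, card present, data not taken from the chip
    return None


if __name__ == "__main__":
    session = ChipSession()
    print([chip_read_failed(session) for _ in range(CHIP_ATTEMPTS)])
    print(mark_fallback("500001200000"), fallback_indicator("500001200000"))
```

Option 2 is only a derivation: any chip-capable, card-present transaction whose data did not come from the chip looks like Fallback, including a keyed PAN that never attempted the chip, which is why the guide prefers the explicit indicator.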
For referrals, American Express has the following requirements. The card shall be removed from the Terminal and retained by the Merchant for use during the referral process, as information may be required during the referral call that is not on the Terminal receipt (for example, the 4CSC on the front of the card). However, the Terminal must complete the transaction with the card before displaying any message that indicates removal of the card. There are two options for how a Terminal can do this:

Option 1: The transaction is completed by the Terminal and the chip as though it had been declined (i.e., the Terminal requests an AAC).
• The Terminal must retain the transaction data until the status of the transaction has been determined.
• If the transaction is subsequently approved, the Terminal must allow the Merchant to enter the approval code during transaction completion. The approval code must then be included in the submission, along with the ARQC that was generated by the card prior to Online authorization.
• If the transaction is subsequently declined, the transaction must be declined within the Terminal, with no further card processing.

Option 2: The transaction is completed by the Terminal and the chip as though it had been authorized (i.e., the Terminal requests a TC).
• The Terminal must retain the transaction data until the status of the transaction has been determined.
• If the transaction is subsequently approved, the Terminal must allow the Merchant to enter the approval code during transaction completion. The approval code must then be included in the submission, along with the TC that was generated by the card.
• If the transaction is subsequently declined, the transaction must be declined within the Terminal, with no further card processing.

BEST PRACTICE: American Express recommends that you apply Option 1, as it is more technically correct: at the point of referral, the transaction has not actually been approved.

Floor Limits for Fallback. American Express mandates a zero Floor Limit for all Fallback transactions (see 4.1.1), meaning that all Fallback transactions must be sent Online for authorization.

4.1.4. Declined Transactions

In normal circumstances, when an Issuer declines a transaction, the Terminal still performs 2nd Terminal and card action analysis. When the transaction is declined, the Merchant is made aware of this on the Terminal display. Where a transaction is declined by the card, Terminal, or Issuer, it shall not be reprocessed using an alternative data entry method (i.e., magnetic stripe or PAN key entry).

Decline and Retain. In exceptional circumstances, the Merchant may be requested (through a response code) to retain the card; this is referred to as "decline and retain" (also known as "decline and pickup"). This code will normally be sent in conjunction with an Issuer Script that prevents the Chip Card from carrying out further EMV transactions. The retained-card message shall not be displayed to the Merchant until the chip has processed the script.

4.1.5. Stand-In Authorization

When the Chip Card and Terminal have determined that a transaction needs to be sent Online, and the American Express Acquirer cannot be contacted for technical reasons, the IAC and TAC Default values are checked to determine whether the transaction is to be approved or declined. The Merchant has no control over this process; however, in the magnetic stripe environment, a Merchant could decide to accept a similar transaction at his or her own risk (subject to the Merchant contract). This is called Stand-In authorization.
American Express has developed a process that allows Merchants who currently perform Stand-In authorization to continue to do so in the EMV environment. In the event that the American Express Acquirer cannot be contacted and the Merchant wishes to allow Stand-In authorization, there are three steps that a Terminal must perform:

Step 1: Stand-In Eligibility Check. The Terminal shall contain a list of all partial or full AIDs for which it supports Stand-In. The Terminal compares the AID on the card with the AIDs stored in this list; if a match is found, the card is eligible for Stand-In. If the Terminal belongs to a Merchant or Acquirer who wishes to support Stand-In authorization for American Express, the Terminal must hold an indicator showing that Stand-In authorization is allowed for all valid American Express payment applications. If the Terminal identifies an application that is eligible for Stand-In authorization, it must perform Stand-In authorization as described in Steps 2 and 3. If the result of the eligibility check indicates that Stand-In processing is not to be performed, transaction processing continues using the TAC and IAC Default values.

Step 2: Stand-In Action Code (SAC). A Terminal supporting Stand-In authorization shall hold a dedicated SAC specifically for the purpose of processing Stand-In authorization (one SAC per supported AID). To process Stand-In authorization, the Terminal shall check the TVR against the SAC for that AID; if any of the corresponding TVR bits are set, the Terminal must request that the transaction be declined. The following table provides the default settings of the American Express SAC.
Table 8: Default Settings for American Express SAC*

  Byte  Bit  Value
  1     8    Offline Data Authentication not Performed
  1     7    Offline SDA Failed
  1     6    ICC Data Missing
  1     5    Card Appears on Terminal Exception File
  1     4    Offline DDA Failed
  2     7    Expired Application
  2     5    Requested Service not Allowed for Card Product
  3     8    Cardholder Verification was not Successful
  3     6    Offline PIN Try Limit Exceeded
  3     4    Offline PIN Required, PIN Pad Present but PIN not Entered
  4     6    Upper Consecutive Offline Limit Exceeded

  * This table corresponds to an SAC hexadecimal value of "F8 50 A8 20 00".

Step 3: Amount Check. The final check a Terminal performs as part of Stand-In authorization is against the transaction amount. The Terminal shall hold a dedicated (non-zero) Stand-In Floor Limit for use in the Stand-In authorization process. For a transaction to be approved using Stand-In authorization, the transaction amount must be below this Stand-In Floor Limit. If the transaction value exceeds the Stand-In Floor Limit, the transaction must be referred.

Other Stand-In Requirements. The other requirements that American Express has for the Stand-In process are detailed below.

a. Additional Validation at Terminal During Transaction Acceptance. The requirements defined above do not replace the standard validation that must occur as part of the Stand-In process; this includes Stand-In Floor Limits.

b. Terminal Displays to Cardmembers. Messages displayed by Terminals to Cardmembers and Merchants shall be no different from those used when the system is able to conduct Online authorization with the Acquirer. In a small number of cases, a supervisor approval or voice authorization may be required, but this will usually be for high-value transactions where such intervention is likely to be considered normal.
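The three Stand-In steps of 4.1.5 above, as an added example that is not code from the AEIPS guide: the eligibility check against a list of full or partial AIDs, the SAC check with the Table 8 value, the amount check against a Stand-In Floor Limit, and a downtime approval code that is generated for display only. The partial AID A000000025 (the prefix of the AID printed in Figure 2) is used here as the indicator covering all American Express payment applications; the Stand-In Floor Limit, the other AIDs and the TVR values are constructed.

```python
"""Stand-In authorization (section 4.1.5): eligibility check, SAC check and amount check,
plus the downtime approval code of requirement (c).

Added example, not code from the AEIPS guide. The SAC is the Table 8 value. The partial
AID A000000025 (prefix of the AID shown in Figure 2) stands in for the indicator that
covers all American Express payment applications; the Stand-In Floor Limit, the
non-American Express AID and the TVR values are constructed.
"""
import secrets
from dataclasses import dataclass, field
from typing import Dict, Tuple

SAC_DEFAULT = bytes.fromhex("F850A82000")   # Table 8
AMEX_PARTIAL_AID = "A000000025"


@dataclass
class StandInConfig:
    enabled: bool = True
    aids: Tuple[str, ...] = (AMEX_PARTIAL_AID,)                 # full or partial AIDs eligible for Stand-In
    sac_by_aid: Dict[str, bytes] = field(default_factory=dict)  # one SAC per supported AID
    floor_limit: int = 5000                                     # Stand-In Floor Limit, minor units (assumed)


def is_eligible(cfg: StandInConfig, aid: str) -> bool:
    """Step 1: the card's AID matches one of the Terminal's full or partial Stand-In AIDs."""
    return cfg.enabled and any(aid.upper().startswith(p.upper()) for p in cfg.aids)


def sac_for(cfg: StandInConfig, aid: str) -> bytes:
    """The SAC configured for this AID, or the Table 8 default."""
    for prefix, sac in cfg.sac_by_aid.items():
        if aid.upper().startswith(prefix.upper()):
            return sac
    return SAC_DEFAULT


def stand_in_decision(cfg: StandInConfig, aid: str, tvr: bytes, amount: int) -> str:
    """DEFAULT_CODES (not eligible: continue with TAC/IAC Default), DECLINE, REFER or APPROVE."""
    if not is_eligible(cfg, aid):
        return "DEFAULT_CODES"
    if any(t & s for t, s in zip(tvr, sac_for(cfg, aid))):
        return "DECLINE"                   # Step 2: a set TVR bit is also set in the SAC
    if amount >= cfg.floor_limit:
        return "REFER"                     # Step 3: the guide says "below", so equal is not approved
    return "APPROVE"


def downtime_approval_code() -> str:
    """Random six-digit pseudo-approval code for display and receipts only.
    It must never be placed in the submission data of the transaction."""
    return f"{secrets.randbelow(10 ** 6):06d}"


if __name__ == "__main__":
    cfg = StandInConfig()
    for tvr, amount in ((bytes(5), 2500), (bytes.fromhex("4000000000"), 2500), (bytes(5), 9000)):
        print(tvr.hex().upper(), amount, stand_in_decision(cfg, "A000000025010001", tvr, amount))
    print("downtime approval code:", downtime_approval_code())
```

The SAC is deliberately stricter than the Amex TAC Default (C8 00 00 00 00): with no Issuer available, any failed or skipped data authentication, an exception-file hit, an expired or disallowed application, a failed or skipped PIN, or an exceeded Offline limit is declined rather than approved on the Terminal's own risk.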
c. Approval Codes. When possible, the Terminal should generate a random, downtime approval code for display at the Terminal and for printing on receipts. This pseudo-approval code must not be incorporated into the submission data for the transaction for which it was created.

4.1.6. Reversals

Reversals are used to undo (reverse) transactions that have been performed in error (e.g., the transaction has already been sent for authorization when the Merchant or the Cardmember notices that the amount of the transaction is incorrect). Terminals need to send reversal messages only if the transaction is aborted at a point after communication with the Acquirer has begun. Depending on the particular reversal message protocol used, the reversal message may or may not contain EMV data, as EMV data is optional in reversal messages. If EMV data is present in the reversal message, it shall be a copy of the EMV data presented in the corresponding authorization message that is being reversed. The Terminal should not initiate any new communication with the chip in order to process a reversal. In all cases, the Terminal shall void the transaction and produce a receipt for the Cardmember showing that the original transaction has been voided.

4.2. AEIPS Requirements During Situational Scenarios

Table 9: Examples of Situational Scenarios

  Scenario                                       Example
  4.2.1. Refunds                                 • Refund of a sale
  4.2.2. Card Not Present                        • Mail orders and telephone orders
                                                 • Deposits taken on telephone bookings for hotels or vehicle rentals
  4.2.3. Card Not Yet Present                    • Hotel bookings
                                                 • Vehicle rentals
  4.2.4. Transaction Amount Not Yet Known        • Gasoline pump
                                                 • Opening a bar tab
                                                 • Hotel check-in
                                                 • Rental vehicle pick-up
  4.2.5. Card No Longer Present                  • Hotel express checkout
                                                 • Vehicle rental returns
  4.2.6. Card Re-Presented for Final Charge      • Face-to-face hotel checkout
                                                 • Face-to-face vehicle return to same rental site
  4.2.7. Adding a Gratuity                       • Hair salon/barber
                                                 • Restaurant sales

4.2.1. Refunds

Refund transactions are less at risk of fraudulent activity than regular transactions; therefore, American Express has fewer restrictions on refund processing. Refunds can be processed using the chip, the magnetic stripe, or by manually entering the PAN into the Terminal. If you choose to use the chip, it is not necessary to perform all of the steps that are possible in an EMV transaction. There are two ways in which a refund can be processed using EMV; in either option, the Terminal must not indicate that the transaction has completed before the Cryptogram is returned in response to the 2nd GENERATE AC command:

Option 1: Full EMV Transaction. If you choose to perform a full EMV transaction, American Express recommends that the Terminal request that the card approve the transaction Offline (i.e., request a TC). However, refunds can be processed Online if necessary (i.e., with an ARQC). If for any reason the card declines the refund, the AAC should be discarded and the ARQC submitted for the refund; the Terminal should treat the transaction as though it had been approved.

Option 2: Track 2 Data. If you choose not to perform a full EMV transaction, the Terminal must read the track 2 data from the chip and use it to process the refund transaction. In constructing the refund transaction, either use the track 2 component parts or extract the components from the track 2 image, but do not use the track 2 image itself, as the 4CSC on the magnetic stripe and in the chip are not required to be the same. Also, PCI DSS requires that the entire contents of the track 2 data not be stored after a transaction has completed.
Having your Terminals extract the application PAN and expiration date from the chip (rather than using all of the track 2 data) helps ensure that this PCI DSS requirement is met.

BEST PRACTICE:
• American Express recommends that the Terminal perform refunds using Option 2.
• American Express recommends that Terminal risk management and Online authorization not be performed for refund transactions.

4.2.2. Card Not Present

Some transactions may need to be authorized and settled without the Merchant ever having access to the Chip Card to take advantage of its security features. As such, there are no requirements on card not present transactions, and Merchants should process such transactions using existing processes.

BEST PRACTICE: When processing card not present transactions, Merchants should ensure that they are using the existing security features available to them, such as address verification and the 4CSC.

4.2.3. Card Not Yet Present

In some cases, a Merchant's business may be such that he or she requires some assurance as to the validity of a card account before actually having access to the card. For this reason, Merchants may wish to take card details from the Cardmember before the card is present. As such, there are no requirements on card not yet present transactions, and Merchants should process such transactions using existing processes.

BEST PRACTICE: American Express recommends that card not yet present transactions be performed for a minimum transaction amount, in order to avoid inconveniencing the Cardmember by unnecessarily reducing his or her available card funds.

4.2.4. Transaction Amount Not Yet Known

In some cases, a Merchant may only have access to the card to perform an EMV transaction before the final amount of the transaction is known.
In a transaction amount not yet known scenario, an estimate can be displayed, but the Merchant must then inform the Cardmember that the value is an estimate and is therefore subject to change. If the difference between the actual value of the transaction and the initial authorization amount is greater than 15%, the Merchant must submit an additional authorization request for the difference between the two amounts. If a Terminal is not able to store EMV transaction data, any incremental authorizations will either require the Cardmember to re-present his or her card, or the authorization must be entered in PAN key entry format.

BEST PRACTICE: American Express recommends that all relevant EMV transaction data from the authorization be stored for the settlement process, including the Cryptogram produced by the card.

4.2.5. Card No Longer Present

On occasion, the Merchant will only know the final amount to charge a Cardmember after he or she has left the premises, and therefore the Chip Card will no longer be present. The only EMV transaction data the Merchant will have access to is the data gathered during the initial authorization and any subsequent incremental authorizations. If a Terminal is not able to store EMV transaction data, the final transaction may be processed in PAN key entry format.

BEST PRACTICE:
• American Express recommends that the final transaction be submitted for settlement using the EMV data from the most recent authorization.
• The presentment message should include:
  - the ARQC;
  - the estimated or top-up amount that relates to that ARQC; and
  - the final transaction amount.
CHECKOUT In cases where the Chip Card was originally used to authorize a transaction before the amount was known, and is then re-presented to the Merchant after the transaction amount has been finalized, the transaction is completed as follows: B If the difference between the actual value of the transaction and the initial authorization amount is greater than 15%, then a normal EMV transaction must be completed with the card for the full amount, and any previous authorizations must then be cancelled, where possible. B If the difference between the actual value of the transaction and the initial authorization amount is equal to or less than 15%, then the transaction should be completed without going Online. There are two options for how this could be achieved: Option 1: Full EMV Transaction. If you choose to perform a full EMV transaction, American Express recommends the Terminal request that the card approve the transaction Offline (i.e., requests a TC). However, if the transaction is sent Online, American Express recommends that, where possible, it is sent as an advice message. Option 2: Track 2 Data. If you choose not to perform a full EMV transaction, the Terminal must read the track 2 data off the chip and use it to process the transaction. In constructing the transaction, use track 2 component parts, or extract the components from the track 2 image, but do not use the track 2 image itself, as the 4CSC on the magnetic stripe and in the chip are not required to be the same. Also, there is a PCI DSS requirement that the entire contents of the track 2 data shall not be stored after a transaction has completed. Having your Terminals extract the PAN and expiration date from the chip (rather than using all of the track 2 data) helps ensure the PCI DSS requirement is met. BEST PRACTICE: When possible, the EMV data from the authorization should be attached to the transaction data in the clearing message. October 2007 ■ 28 SPECIAL TRANSACTION PROCESSING 4.2.6. 
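Option 2 above requires the Terminal to work from the track 2 component parts rather than the track 2 image. The following Python example is added here and is not code from the American Express guide: it splits the tag 57 (Track 2 Equivalent Data) image read from the chip, or a magnetic stripe image, into PAN, expiry, service code and discretionary data, validates the PAN against the BIN ranges given in Table 10 of this guide, and keeps only the PAN and expiry for the clearing record so that the 4CSC-bearing discretionary data is never stored. It also decodes the service code, whose leading 2 or 6 marks an EMV-capable card, which is the check section 4.3.2 relies on for UPTs. The function names and the sample PAN, expiry and discretionary data are constructed for this example.

```python
"""Extract PAN and expiry from Track 2 data read from the chip (EMV tag 57) or the
magnetic stripe, keeping nothing else for the clearing record (PCI DSS: the full track
must not be stored after the transaction). Added example for this guide, not American
Express code; the PAN, expiry and discretionary data below are constructed test values.
"""
from dataclasses import dataclass

# American Express BIN ranges as listed in Table 10 of this guide.
AMEX_BIN_RANGES = ((340000, 349999), (370000, 379999))


@dataclass(frozen=True)
class Track2:
    pan: str
    expiry_yymm: str
    service_code: str
    discretionary: str  # carries the 4CSC; differs between chip and stripe, never stored


def parse_track2(track2: str) -> Track2:
    """Accept the tag 57 hex image (D separator, F padding) or a stripe image (';'/'?'
    sentinels, '=' separator) and split it into its component parts."""
    digits = track2.upper().strip(";?").replace("=", "D").rstrip("F")
    if digits.count("D") != 1:
        raise ValueError("track 2 must contain exactly one field separator")
    pan, rest = digits.split("D")
    if not pan.isdigit() or not 12 <= len(pan) <= 19:
        raise ValueError("PAN must be 12 to 19 digits")
    if len(rest) < 7 or not rest[:7].isdigit():
        raise ValueError("expiry date and service code are required")
    return Track2(pan, rest[:4], rest[4:7], rest[7:])


def luhn_ok(pan: str) -> bool:
    """Standard Luhn check digit validation."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def is_amex_bin(pan: str) -> bool:
    """True when the leading six digits fall in an American Express BIN range."""
    bin6 = int(pan[:6])
    return any(lo <= bin6 <= hi for lo, hi in AMEX_BIN_RANGES)


def chip_capable(service_code: str) -> bool:
    """A service code starting with 2 or 6 marks the card as EMV-capable (Section 4.3.2)."""
    return service_code[:1] in ("2", "6")


def upt_accepts_stripe(service_code: str, chip_read_failed: bool) -> bool:
    """AEIPS-enabled UPTs have no Fallback: reject a chip-capable card whose chip could
    not be read; a stripe-only card (e.g. service code 101) is still accepted."""
    return not (chip_read_failed and chip_capable(service_code))


def clearing_record(track2: str) -> dict:
    """Build the PAN/expiry pair for settlement (Option 2 in Section 4.2.6), validating
    the PAN first; the track image, service code and discretionary data are discarded."""
    t2 = parse_track2(track2)
    if not luhn_ok(t2.pan) or not is_amex_bin(t2.pan):
        raise ValueError("PAN failed validation")
    return {"pan": t2.pan, "expiry_yymm": t2.expiry_yymm}


# Constructed tag 57 value: 15-digit PAN, D, expiry 2512, service code 201, discretionary
# data, then an F nibble so the BCD string packs into whole bytes.
SAMPLE_TAG_57 = "371449635398431D25122011234567890F"

if __name__ == "__main__":
    print(clearing_record(SAMPLE_TAG_57))
```

The parser deliberately returns the discretionary data in a separate field so that the caller can use it for the current authorization and then drop it; only `clearing_record` output should ever reach persistent storage.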
4.2.7. Adding a Gratuity

In certain Merchant categories such as restaurants, it is standard practice to enable customers to add a gratuity to the amount of the transaction. There are many different ways in which a gratuity can be added. American Express does not define any specific methods for adding gratuities.

BEST PRACTICE: American Express recommends that Terminal software enables the Cardmember to add the gratuity amount to the transaction before entering his or her PIN. This enables the transaction to be processed as a normal, "card present" transaction.

4.3. AEIPS Requirements for Unattended Payment Terminal (UPT) Scenarios

The introduction of EMV technology and its associated security features greatly increases the business case for UPTs. Card Authentication and Cardholder Verification—which previously relied on the manual observation of the card and signature by staff—can now be performed through direct interaction between a Chip Card and a Terminal. An EMV transaction is processed in essentially the same way in a UPT as in a standard Terminal, with a few notable exceptions. The sections below detail these exceptions, as well as the related American Express requirements for UPTs.

4.3.1. Cardholder Verification on UPTs

The introduction of the Offline PIN capability provided by EMV greatly increases the potential for Cardholder Verification at UPTs. CVM Fallback shall not be supported at UPTs (i.e., if the highest supported CVM in both card and Terminal is PIN, PIN must be used or the transaction must be declined).

4.3.2. Fallback on UPTs

If the Terminal is EMV-enabled but not yet certified, or if it is EMV-enabled for other Payment Brands but not yet for American Express, the transaction must be processed using the magnetic stripe. The Terminal must not process the transaction as Fallback. Fallback to magnetic stripe shall not be available at AEIPS-enabled UPTs. These Terminals shall reject a magnetic stripe card with a service code that starts with a 2 or a 6 (indicating EMV-capable) when the chip cannot be read.

4.3.3. Online Capability with UPTs

Depending on the environment in which they are deployed and the type of transactions performed, some of your UPTs may have Online capability. The Terminal shall include indicators in the authorization and submission messages that the transaction was processed at a UPT.

BEST PRACTICE:
• If your UPT has Online capability, we recommend that it have a zero Terminal Floor Limit and that it attempt to perform all transactions Online.
• If the UPT is capable of Online operation, we recommend that it have the capability to capture the card at the Issuer's request.
• If your UPT has no Online capability, we recommend the use of Exception Files and the validation of card details (including expiration date) before the transaction is allowed to proceed.

SECTION 5: AEIPS TERMINAL CERTIFICATION

5.1. Introduction

Integrating EMV into Terminals and host systems can add complexity and the potential for interoperability issues. To ensure that these potential issues are minimized, we have defined a certification process that must be completed.

Multiple parties can be involved in the AEIPS Terminal certification process. For example, a certification can be completed directly between a Terminal Vendor and American Express. Or, a certification may need to be conducted via the involvement of a third party, such as a Reseller or an Acquirer. Although the roles played by various parties may involve different responsibilities, the overall AEIPS Terminal certification process will not change significantly.
For the purposes of this document, each of these parties will be referred to as a certification contact. This section will enable our certification contacts to successfully and easily implement AEIPS on a Terminal.

Important Note: Before completing AEIPS Terminal certification, the Terminal must already have received EMVCo level 1 and 2 certification. Although you may begin AEIPS Terminal certification before you have been awarded EMVCo level 2 certification, you will not be formally granted AEIPS Terminal certification until level 2 EMVCo certification has been confirmed.

The certification contacts must:
• Ensure that all their EMV-capable Terminals have been certified by American Express.
• Ensure that certification is performed on every Terminal software version (not just on the chip software kernel) in every country where it is implemented. This ensures that no issues arise after the local application software has been developed that could create a need for re-certification of the Terminal.
• Ensure that American Express is notified of any change in the software.

This section outlines only the globally-standard requirements for certifying a Terminal to the AEIPS specifications; there may be additional country-specific or Acquirer-specific requirements and tests. The certification process may also differ slightly depending on whether these local variations exist. Contact your American Express Representative to determine if additional requirements apply.

5.2. How to Perform AEIPS Terminal Certification

The following diagram details the high-level process for AEIPS Terminal certification. The process begins when a certification contact provides American Express with a completed certification request form, which can be obtained from your American Express Representative.

Figure 3: AEIPS Terminal Certification Process Flow (flowchart rendered as a sequence of steps)
1. Certification contact ensures Terminal has passed EMVCo levels 1 & 2 certification.
2. Certification contact ensures that the certification request form is completed for each Terminal requiring certification.
3. American Express receives certification request form from certification contact.
4. American Express books test slot.
5. American Express sends test plan & test plastics to certification contact.
6. Certification contact performs connectivity tests.
7. Certification contact completes test scripts & sends test results to American Express.
8. American Express receives & validates test results.
9. Were the tests passed? If no: certification contact is informed of failure; certification contact fixes errors & is responsible for associated costs. If yes: continue.
10. Is the certification contact submitting settlement files? If yes: certification contact sends settlement file, and American Express checks whether the settlement file validation criteria were met (if not, the certification contact is informed of failure and fixes errors as above). If no: continue.
11. American Express sends certification letter to certification contact.

The entire AEIPS Terminal certification process typically takes about 4–6 weeks; completion in this timeframe depends not just on American Express but also on the certification contact. American Express makes the following timing commitments for AEIPS Terminal certification:
• After the certification request form has been received, American Express will notify the certification contact and provide the [AEIPS-TEST] document and necessary test cards within one week.
• When the certification results have been received, American Express will validate these results and inform the certification contact of this validation within two weeks.

Contact your local American Express Representative to obtain certification request forms as well as the detailed test plan and test cards. For up-to-date information about EMVCo level 1 and level 2 type approval, visit www.emvco.com.

Important Note: In early 2008, American Express intends to introduce a certification tool that will remove the requirement to connect to the American Express network to perform AEIPS Terminal certification. Once this requirement is removed, certification testing will be performed using the host simulator, and the results will be submitted to American Express for validation. If you wish to use this tool instead of connecting to American Express, please contact your local American Express Representative to find out if the tool is available. It still may be necessary to connect to the American Express network to perform certification for country-specific requirements not covered by this tool.

5.3. AEIPS Terminal Certification Test Plan [AEIPS-TEST]

The AEIPS test plan has been broken into four sections. The first section is mandatory; the next two sections may or may not need to be run, based on the Terminal's functionality. The final section must be performed in the event of a change in the authorization communication link. This test plan outlines only the globally-standard tests for certifying a Terminal to the AEIPS specifications; there may be additional country-specific or Acquirer-specific requirements and tests.

AEIPS Test Plan Section 1 (Mandatory)
• Section 1. Authorization Tests—This section includes nine Online authorization tests that check core AEIPS functionality and the interaction with the American Express host. It also includes two tests that check the magnetic stripe functionality of the Terminal.

Important Note: American Express issues cards in both International Organization for Standardization (ISO) and American National Standards Institute (ANSI) format. Therefore, it is important to check that the Terminal is capable of reading both formats.

AEIPS Test Plan Sections 2 and 3 (Based on the Terminal's functionality)
• Section 2. Stand-In Processing Tests—This section consists of nine tests that check the functionality associated with Stand-In processing. Only Terminals that perform Stand-In processing and contain SAC need to perform these tests.
• Section 3. Submission Testing—If you are required to create a file of transactions for submission, then you will be required to perform the tests detailed in this section. This section consists of two tests that ensure accurate data is submitted to American Express. This testing is not necessary when submitting through a Third Party Processor; however, formal certification will not be granted until that Third Party Processor link has been certified.

AEIPS Test Plan Section 4 (Based on whether changes have been made to the Terminal's communication with American Express)
• Section 4. Communication Change Testing—In the event of a change in the authorization communication link, the tests detailed in this section will need to be performed in order to check that the Terminal and American Express are still able to connect.

5.4. Setting Up the Terminal Prior to AEIPS Terminal Certification

Before performing AEIPS Terminal certification, it is necessary to ensure that the Terminal has the correct parameters and CAPKs loaded. Additionally, the Terminal must also be able to produce the correct diagnostic information. Once this is done, a test transaction must be performed to ensure the Terminal's connectivity to American Express. A checklist is provided in [AEIPS-TEST] to help you ensure that you have configured your Terminal correctly. The following table lists those data elements that have specific values associated with them for the purposes of testing.
Table 10: Specific Test Values

Description                                           | Test Values
American Express BIN Ranges                           | 340000–349999, 370000–379999
American Express AID                                  | A0 00 00 00 25, PIX: 01
Application Selection Indicator                       | Partial AID matching must be enabled
TAC - Default                                         | 00 00 00 00 00
TAC - Online                                          | 00 00 00 00 00
TAC - Denial                                          | 00 00 00 00 00
SAC – Default (1)                                     | F8 50 A8 20 00
Transaction Certificate Data Object List (TDOL)       | Not used
DDA Data Object List (DDOL)                           | 9F3704
Threshold Value for Biased Random Selection           | Random selection to be set off (all zero)
Target Percentage for Random Selection                | 0
Maximum Target Percentage for Biased Random Selection | 0
Terminal Floor Limits (2)                             | Supplied by local American Express Representative
Merchant Number (2)                                   | Supplied by local American Express Representative
Application Version Number                            | 0001
CAPKs                                                 | RID: Lca00003 Lca0000E Lca0000F Lca00010

(1) Used only when Stand-In processing has been implemented.
(2) Supplied by local American Express Representative.
American Express CAPK format and details are included in Appendix A.

5.4.1. Additional Parameters and Requirements for Stand-In Certification

• The American Express AID should be identified to support Stand-In unless stated otherwise in the test.
• There should not be a connection available to the American Express host during any Stand-In processing tests.

Stand-In Floor Limits
• Pre-comms Stand-In Floor Limit = 0.
• Post-comms Stand-In Floor Limit = 150.

5.4.2. Mandatory Data for Diagnostics

The data listed below is essential for AEIPS Terminal certification. It can be provided on the receipt or transaction log. The information shall be available only during the certification process and, if provided through a diagnostic receipt, shall be switched off for the live environment.
• TVR
• Transaction Status Information (TSI)
• CVR
• Cryptogram Type
• Cryptogram Value
• IACs
• TACs
• Terminal Capabilities
• Additional Terminal Capabilities
• Application Interchange Profile
• IAD
• Application Version Number (Card)
• Application Version Number (Terminal)
• Terminal Software Version Details
• CAPK Index
• Issuer Script Results

5.4.3. Connectivity Test

The following transaction can be completed using the test card AEIPS 10 to check connectivity.

Transaction amount | Response
8.00               | Approve

Other connectivity test transactions that provide different responses, e.g., referral, may also be available. Please contact your American Express Representative for details.

5.5. Completing the AEIPS Test Plan

5.5.1. Documentation

When performing AEIPS Terminal certification, you will be required to complete a result form for each test performed [AEIPS-TEST]. To assist American Express in the reviewing of results—and to speed up the reviewing process—it is important that the individual(s) performing the tests provide as much documentary evidence as possible. This evidence will consist of, at a minimum:
• A receipt per transaction (or comment that no receipt was produced).
• Written confirmation of the main Terminal/PIN Pad displays/prompts.
• Evidence of the TVR/TSI settings (on the receipt).
• When the outcome of a test does not match the expected result, an explanation should be provided. Providing these explanations will speed up the evaluation.

Additionally, it will help streamline the process if any of the following can be supplied:
• Logs produced by the equipment being tested that show transaction flow or any other useful information.
• Any further comments the certification contact feels will assist American Express in evaluating the results.
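The TVR/TSI evidence requested above is judged against masked patterns (section 5.5.2 below, e.g. TVR 00 xx xx 0x 0x or TSI 8x xx), and the Stand-In tests in section 5.6.2 each expect a particular ARC for a given SAC, floor limit and TVR condition. The following Python example is added here and is not code from the American Express guide. It compares a TVR or TSI against such a pattern, naming the additional set bits that the test plan says must be explained, and it reproduces the Stand-In decision for the STP-020 to STP-028 cases using the SAC – Default value from Table 10, the Stand-In Floor Limits from section 5.4.1 and the TVR bits named in the success criteria. The function names are mine, and checking the post-comms floor limit before the SAC is an assumption, since the guide's tests never combine the two conditions.

```python
"""TVR/TSI evidence checks against [AEIPS-TEST] masked patterns plus the Stand-In
decisions of AEIPS Test Plan Section 2. Added example for this guide, not American
Express code; checking the floor limit before the SAC is an assumption."""
from dataclasses import dataclass
from decimal import Decimal

def bit_mask(bit_no):          # EMV numbers bits 8 (MSB) down to 1 in each byte
    return 1 << (bit_no - 1)

# TVR bits cited by the test success criteria in Section 5.6 of this guide
TVR_BIT_NAMES = {
    (1, 7): "Offline SDA failed", (1, 5): "Card appears on Exception File",
    (2, 7): "Expired application", (3, 6): "Offline PIN try limit exceeded",
    (3, 4): "Offline PIN required, PIN Pad present but PIN not entered",
    (4, 8): "Transaction exceeds floor limit", (5, 7): "Issuer authentication failed",
}

def build_tvr(conditions):
    """Return a 5-byte TVR with the given (byte, bit) positions set."""
    tvr = bytearray(5)
    for byte_no, bit_no in conditions:
        tvr[byte_no - 1] |= bit_mask(bit_no)
    return bytes(tvr)

def describe_bits(value, names=TVR_BIT_NAMES):
    """Name every set bit so it can be explained on the result form."""
    return [names.get((i, n), f"Byte {i}, Bit {n}")
            for i, b in enumerate(value, start=1)
            for n in range(8, 0, -1) if b & bit_mask(n)]

def check_masked(pattern, value, names=TVR_BIT_NAMES):
    """Compare a TVR/TSI with a test-plan pattern such as "00 xx xx 0x 0x" or "8x xx".
    Bits set in a fixed nibble must be set in the value or the test fails; 'x' nibbles
    are not relevant; any other set bit does not fail the test but must be explained
    (Section 5.5.2), so it is returned by name."""
    nibbles = "".join(pattern.split()).lower()
    if len(nibbles) != 2 * len(value):
        raise ValueError("pattern and value lengths differ")
    required_ok, additional = True, bytearray(len(value))
    for i, actual_byte in enumerate(value):
        for pos, shift in ((2 * i, 4), (2 * i + 1, 0)):
            if nibbles[pos] == "x":
                continue
            required, actual = int(nibbles[pos], 16), (actual_byte >> shift) & 0xF
            if required & ~actual:
                required_ok = False
            additional[i] |= (actual & ~required) << shift
    return required_ok, describe_bits(bytes(additional), names)

SAC_DEFAULT = bytes.fromhex("F850A82000")  # Table 10: SAC - Default
NO_SAC = bytes(5)                          # STP-026a: SAC of 0000000000

@dataclass(frozen=True)
class StandInConfig:
    configured: bool                              # Stand-In enabled for the AmEx AID
    sac: bytes                                    # Stand-In Action Code, matched against the TVR
    pre_comms_floor: Decimal = Decimal("0")       # Section 5.4.1 test settings
    post_comms_floor: Decimal = Decimal("150")

def stand_in_decision(cfg, amount, tvr):
    """Return (ARC for tag 8A, cryptogram to request) once the host is unreachable."""
    if not cfg.configured:
        return "Z3", "AAC"                                  # STP-020
    if amount > cfg.post_comms_floor:
        return "02", "TC"                                   # referral, STP-022
    if any(t & s for t, s in zip(tvr, cfg.sac)):
        return "05", "AAC"                                  # denial condition met, STP-023..028
    return "00", "TC"                                       # STP-021a, STP-026a

# (case, Stand-In configured, SAC, amount, card conditions as TVR bits, expected ARC)
STP_CASES = [
    ("STP-020", False, SAC_DEFAULT, "150.01", [], "Z3"),
    ("STP-021a", True, SAC_DEFAULT, "50.01", [], "00"),
    ("STP-022", True, SAC_DEFAULT, "150.02", [], "02"),
    ("STP-023", True, SAC_DEFAULT, "50.03", [(1, 7)], "05"),
    ("STP-024", True, SAC_DEFAULT, "50.04", [(1, 5)], "05"),
    ("STP-025", True, SAC_DEFAULT, "50.05", [(2, 7)], "05"),
    ("STP-026a", True, NO_SAC, "50.06", [(2, 7)], "00"),
    ("STP-027", True, SAC_DEFAULT, "50.07", [(3, 6)], "05"),
    ("STP-028", True, SAC_DEFAULT, "50.08", [(3, 4)], "05"),
]

def run_stp_cases():
    """Return {case: (ARC produced, ARC expected)} for STP_CASES."""
    results = {}
    for case, configured, sac, amount, conditions, expected in STP_CASES:
        cfg, amt, bits = StandInConfig(configured, sac), Decimal(amount), list(conditions)
        if amt > cfg.pre_comms_floor:
            bits.append((4, 8))            # every STP case expects TVR Byte 4, Bit 8 = 1
        results[case] = (stand_in_decision(cfg, amt, build_tvr(bits))[0], expected)
    return results
```

Note how the SAC – Default value explains the Section 2 outcomes: its byte 4 is 20, so the floor-limit bit (Byte 4, Bit 8) that every STP case sets never triggers a denial on its own, whereas the SDA, Exception File, expired application and PIN bits all fall inside the mask; loading a SAC of all zeros, as STP-026a does, turns the expired-application case into an approval.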
TVR and TSI Setting Requirements In certain tests, American Express requires specific TVR or TSI values to be set. These are indicated in [AEIPS-TEST] by showing only these settings, e.g., TVR - 00 xx xx xx xx. If bits other than the required values are set, this does not equate to a failure of the test; however, these additional bits must be explained. Where the TSI results are shown, only those values that are relevant to the test are shown, e.g., 8x xx. However, it will always be the case that additional bits will be set by the Terminal, again this does not equate to a failure of the test. 5.6. Overview of AEIPS Terminal Certification Tests October 2007 ■ 36 AEIPS TERMINAL CERTIFICATION This section provides an overview of the American Express EMV tests for authorization (AEIPS Test Plan Section 1), Stand-In (AEIPS Test Plan Section 2), submission (AEIPS Test Plan Section 3), and communication change (AEIPS Test Plan Section 4). This section does not include any additional country-specific or Acquirerspecific tests that you may need to complete. Please contact your American Express Representative to determine if additional requirements apply. The overview tables begin on the following page. October 2007 Pre-Requisites and Settings Terminal set up for AEIPS Terminal certification Terminal set up for AEIPS Terminal certification Description An Online chip and PIN transaction An Online chip and PIN transaction with three Issuer Scripts returned in the authorization response message AXP – POS 001 AXP – POS 002 AEIPS TERMINAL CERTIFICATION Test Case AEIPS Test Plan Section 1. Authorization Tests 5.6.1. 
Mandatory Tests AEIPS 10 and enter the required amount • When prompted, enter PIN 1234 • Perform a second sale using test card AEIPS 10 and enter the required amount • When prompted, enter PIN 1234 returned to the Terminal by American Express host in the authorization response message • LCOL scripts sent by Terminal to card • LCOL scripts accepted by card • Issuer authentication performed (Terminal sends external authenticate to the card) • Issuer authentication successful • Transaction is approved at host • Terminal prints/displays application label 2nd transaction: • CVR shows three Issuer Script commands containing secure messaging successfully processed on last transaction (Byte 4, Bits 5–8) • CVR indicates “Issuer authentication successful for last transaction” (Byte 3, Bit 4 = 0) 1st transaction: • Terminal prompts for PIN • PIN is successfully validated • Three Lower Consecutive Offline Limit (LCOL) Issuer Scripts • Perform a sale using test card • • • • • • • • Terminal prompts for chip insertion Terminal prompts for PIN PIN is successfully validated TVR setting 00 xx xx 0x 0x (data authentication did not fail, Issuer authentication successful) TSI setting 8x xx (i.e. 
Bit 8 = 1, data authentication performed) ARPC returned in the response message from the American Express Acquirer The card will return a TC to 2nd generate AC command Issuer authentication performed (Terminal sends the external authenticate to the card) Offline PIN verification performed (CVR Byte 1, Bit 3 = 1) Transaction is approved Terminal prints/displays application label Signature box not printed on receipt • • • • • Perform a sale using test card AEIPS 10 and enter the required amount • When prompted, enter PIN 1234 Test Success Criteria Procedures Implementing American Express EMV Acceptance on a Terminal ■ 37 Terminal set up for AEIPS Terminal certification and supports referral processing • Terminal set up for AEIPS Issuer authentication is successfully performed after a referral response is received from the Acquirer A sale using a test card from a 34 BIN range and with the AXP 1408 CAPK – Terminal must accept this as a valid PAN AXP – POS 003 AXP – POS 004 AEIPS TERMINAL CERTIFICATION October 2007 Terminal certification • Terminal is configured to accept the American Express registered 34 and 37 BIN ranges Pre-Requisites and Settings Description Test Case AEIPS 11 and enter the required amount • Perform a sale using test card • • • • • • • • • • • • • Terminal prompts for PIN PIN is successfully validated Terminal accepts a 34 BIN Transaction is sent Online and is approved ARPC returned in response message from the American Express Acquirer TC returned by the card in response to the 2nd generate AC command Issuer authentication is performed and is successful TVR setting 00 xx xx 0x xx (data authentication did not fail) TSI setting 8x xx (i.e. 
Bit 8 = 1, data authentication performed) 1st transaction Terminal prompts for PIN PIN is successfully validated Transaction is referred ARPC returned in response message from the American Express Acquirer • Either TC or AAC returned by card in response to the 2nd generate AC command • Issuer authentication performed (Terminal sends external authenticate to the card) • Issuer authentication successful • Terminal prints/displays application label • Display and receipt show “CALL ISSUER” and response code value 2nd transaction • CVR indicates “Issuer authentication successful for last transaction” (CVR Byte 3, Bit 4 = 0) • • • • • Perform a sale using test card AEIPS 10 and enter the required amount When prompted, enter PIN 1234 Enter approval code of 55 when prompted Perform a second sale using test card AEIPS 10 and enter the required amount When prompted, enter PIN 1234 Test Success Criteria Procedures Implementing American Express EMV Acceptance on a Terminal ■ 38 An Online chip transaction with DDA AXP – POS 006 AEIPS TERMINAL CERTIFICATION October 2007 Terminal set up for AEIPS Terminal certification AEIPS 13 and enter the required amount • Perform a sale using test card AEIPS 12 and enter the required amount • Perform a sale using test card • Terminal set up for AEIPS A sale using a test card with multiple applications that require cardholder confirmation AXP – POS 005 Terminal certification Procedures Pre-Requisites and Settings Description Test Case • Issuer authentication successful • The card will return AAC to 1st generate AC • Transaction is declined authenticate to the card) • Issuer authentication performed (Terminal sends external performed) • DDA did not fail • TSI setting 8x xx (i.e. 
Bit 8 = 1, data authentication performed • TVR setting 00 xx xx xx xx – Offline data authentication If Cardholder confirmation supported: • Cardholder confirmation requested by card • Prompt for “AMEX” application must be displayed on Terminal • Select application “AMEX” • Transaction is approved • TVR setting 00 xx xx 0x xx (data authentication did not fail) • TSI setting 8x xx (i.e. Bit 8 = 1, data authentication performed) • Application label is printed/displayed on the receipt If Cardholder confirmation not supported: • Cardholder confirmation requested by card • Cardholder confirmation not supported • Transaction is declined Test Success Criteria Implementing American Express EMV Acceptance on a Terminal ■ 39 AEIPS 14 and enter the required amount • When prompted, enter PIN 1234 • Perform a second sale using test card AEIPS 14 and enter the required amount • When prompted, enter PIN 1234 • Perform a sale using test card AEIPS 10 and enter the required amount • When prompted, enter PIN 1234 • Perform a refund using test card AEIPS 10 and enter the required amount • Perform a sale using test card terminal certification • Terminal is capable of processing multiple Issuer Scripts, and multiple commands within Issuer Scripts • Terminal set up for AEIPS terminal certification • Terminal supports full EMV refunds • Terminal set up for AEIPS To verify refund processing An Online transaction performed and approved, the Issuer validation fails, and the card declines the transaction. 
The Terminal then performs a reversal AXP – POS 008 AXP – POS 009 AEIPS 10 and enter the required amount • When prompted, enter PIN 1234 • Perform a reversal on the transaction • Perform a sale using test card • Terminal set up for AEIPS Online chip transaction, using AXP 1984 CAPK, and a 126-byte script sent in authorization response message AXP – POS 007 AEIPS TERMINAL CERTIFICATION October 2007 Terminal certification and can support Online reversals Procedures Pre-Requisites and Settings Description Test Case • • • • • • • • Express host Transaction approved at the American Express host Issuer authentication is performed TC requested by Terminal in 2nd generate AC AAC returned by card in response to the 2nd generate AC command Issuer authentication was successful (TVR Byte 5, Bit 7 = 0) Issuer authentication was performed (TSI Byte 1, Bit 5 = 1) Transaction is declined Reversal transaction is generated • ARPC returned in response message from the American • Refund successfully performed either Online or Offline • Refund is approved • Refund is captured at Terminal 1st transaction: • Terminal prompts for PIN • PIN is successfully validated • Script returned to Terminal by American Express host in the authorization response message • “Extra long” (126-byte) update command sent by the Terminal to card (2 scripts embedded) • Terminal prompts for PIN entry • TVR setting 00 xx xx 0x xx (data authentication did not fail) • TSI setting 8x xx (i.e. 
Bit 8 = 1, data authentication performed) • Issuer authentication performed (Terminal sends external authenticate to the card) • Issuer authentication successful • Offline PIN verification performed (Byte 1, Bit 3 = 1) • Transaction is approved 2nd transaction: • CVR shows two Issuer Script commands containing secure messaging successfully processed on last transaction (Byte 4, Bits 5–8) • CVR shows Issuer authentication successful for last transaction (Byte 3, Bit 4 = 0) Test Success Criteria Implementing American Express EMV Acceptance on a Terminal ■ 40 Terminal set up for AEIPS Terminal certification Terminal set up for AEIPS Terminal certification Magnetic stripe transaction with a card formatted according to ISO standards Magnetic stripe transaction with a card formatted according to ANSI standards AXP – POS 010 AXP – POS 011 None • The Terminal system cannot Transaction approved by Stand-In functionality Submission of transaction created in STP-021a Referral response received from Stand-In functionality STP-021a Below Post-comms STP-021b Below Post-comms (Submissions) STP-022 Above Post-comms connect to the Acquirer host • Stand-In processing is configured for the American Express AID and SAC loaded to the Acquirer host • Stand-In processing is configured for the American Express AID and SAC loaded • The Terminal cannot connect STP-0022 and enter the amount of 150.02 (above the postcomms and pre-comms Stand-In Floor Limits) • Perform a sale using test card STP-021a to American Express • Submit transaction created in STP-0021 and enter the amount of 50.01 (below the post-comms Stand-In Floor Limit but above the pre-comms Stand-In Floor Limit) • Perform a sale using test card STP-0020 and enter the amount of 150.01 (above the postcomms Stand-In Floor Limit) • Perform a sale using test card • The Terminal cannot connect Transaction declined as Stand-In not available STP-020 Not Configured for Stand-In Processing to the Acquirer host • Stand-In processing is not 
Pre-requisites and Settings:
• ...configured for the American Express AID

Test Success Criteria (Stand-In transaction approved at the Terminal):
• Terminal does not send external authenticate command to card
• Terminal requests a TC in 2nd generate AC
• Terminal sets ARC (tag 8A) when requesting the TC to “00”
• Transaction is approved at Terminal
• Terminal prompts for signature
• Transaction exceeds Stand-In Floor Limit (TVR Byte 4, Bit 8 = 1)

Test Success Criteria (Stand-In transaction denied at the Terminal):
• Terminal does not send external authenticate command to card
• Terminal requests an AAC in 2nd generate AC
• Terminal sets ARC (tag 8A) when requesting the AAC to “Z3”
• Transaction is denied at the Terminal
• Transaction exceeds Stand-In Floor Limit (TVR Byte 4, Bit 8 = 1)

Test Success Criteria (Stand-In transaction referred at the Terminal):
• Terminal does not send external authenticate command to card
• Terminal requests a TC in 2nd generate AC (this may be AAC)
• Terminal sets ARC (tag 8A) when requesting the TC to “02”
• Transaction is referred at Terminal
• Transaction exceeds Stand-In Floor Limit (TVR Byte 4, Bit 8 = 1)

Test Success Criteria (submissions):
• Transaction correctly presented in submissions file

Procedures:
• Perform a sale using test card AEIPS ANSI and enter the required amount
Test Success Criteria:
• Terminal can read track 2 data on the magnetic stripe
• Terminal does not prompt for chip insertion
• Transaction approved

Procedures:
• Perform a sale using test card AEIPS ISO and enter the required amount
Test Success Criteria:
• Terminal can read track 2 data on the magnetic stripe
• Terminal is able to recognize ISO 101 service code
• Terminal does not prompt for chip insertion
• Transaction approved

AEIPS TERMINAL CERTIFICATION October 2007

5.6.2. Tests That Are Based on the Terminal’s Functionality

AEIPS Test Plan Section 2. Stand-In Processing Tests

Test Case: STP-023 Denial Condition Met (SDA Failure)
Description: Transaction declined during Stand-In as SDA failed
Pre-requisites and Settings:
• The Terminal system cannot connect to the Acquirer host
• Stand-In processing is configured for the American Express AID and SAC loaded
Procedures:
• Perform a sale using test card STP-0023 and enter the amount of 50.03 (below the post-comms Stand-In Floor Limit but above the pre-comms Stand-In Floor Limit)
Test Success Criteria:
• Merchant host denies authorization response with a response code of “05”
• Terminal does not send external authenticate command to card
• Terminal requests an AAC in 2nd generate AC
• Terminal sets ARC (tag 8A) when requesting the AAC to “05”
• Transaction is denied at Terminal
• Offline SDA failed (TVR Byte 1, Bit 7 = 1)
• Transaction exceeds Stand-In Floor Limit (TVR Byte 4, Bit 8 = 1)

Test Case: STP-024 Denial Condition Met (Exception File)
Description: Transaction declined during Stand-In as the card is in the Terminal’s Exception File
Pre-requisites and Settings:
• The Terminal system cannot connect to the Acquirer host
• Stand-In processing is configured for the American Express AID and SAC loaded
• Terminal has card number “37 42 00 00 00 00 00 4” in its Exception File
Procedures:
• Perform a sale using test card STP-0024 and enter the amount of 50.04 (below the post-comms Stand-In Floor Limit but above the pre-comms Stand-In Floor Limit)
Test Success Criteria:
• Merchant host denies authorization response with a response code of “05”
• Terminal does not send external authenticate command to card
• Terminal requests an AAC in 2nd generate AC
• Terminal sets ARC (tag 8A) when requesting the AAC to “05”
• Transaction is denied at Terminal
• Card appears on Exception File (TVR Byte 1, Bit 5 = 1)
• Transaction exceeds Stand-In Floor Limit (TVR Byte 4, Bit 8 = 1)

Test Case: STP-025 Denial Condition Met (Expired Application)
Description: Transaction declined during Stand-In, as the card application has expired
Pre-requisites and Settings:
• The Terminal system cannot connect to the Acquirer host
• Stand-In processing is configured for the American Express AID and SAC loaded
Procedures:
• Perform a sale using test card STP-0025 and enter the amount of 50.05 (below the post-comms Stand-In Floor Limit but above the pre-comms Stand-In Floor Limit)
Test Success Criteria:
• Merchant host denies authorization response with a response code of “05”
• Terminal does not send external authenticate command to card
• Terminal requests an AAC in 2nd generate AC
• Terminal sets ARC (tag 8A) when requesting the AAC to “05”
• Transaction is denied at Terminal
• Expired application (TVR Byte 2, Bit 7 = 1)
• Transaction exceeds Stand-In Floor Limit (TVR Byte 4, Bit 8 = 1)

Test Case: STP-026a Denial Condition NOT Met
Description: Transaction approved by Stand-In functionality, as SAC is not set to decline expired application
Pre-requisites and Settings:
• The Terminal system cannot connect to the Acquirer host
• Stand-In processing is configured for the American Express AID
• A SAC of 0000000000 is loaded into the Terminal
Procedures:
• Perform a sale using test card STP-0026 and enter the amount of 50.06 (below the post-comms Stand-In Floor Limit but above the pre-comms Stand-In Floor Limit)
Test Success Criteria:
• Merchant host approves authorization response with a response code of “00”
• Terminal does not send external authenticate command to card
• Terminal requests a TC in 2nd generate AC
• Terminal sets ARC (tag 8A) when requesting the TC to “00”
• Transaction is approved at Terminal
• Expired application (TVR Byte 2, Bit 7 = 1)
• Transaction exceeds Stand-In Floor Limit (TVR Byte 4, Bit 8 = 1)

Test Case: STP-026b Denial Condition NOT Met (submissions)
Description: Submission of transaction created in STP-026a
Pre-requisites and Settings: None
Procedures:
• Submit transaction created in STP-026a to American Express
Test Success Criteria:
• Transaction correctly presented in submissions file

Test Case: STP-027 Denial Condition Met (PIN Try Exceeded)
Description: Transaction declined during Stand-In as the PIN try limit is exceeded
Pre-requisites and Settings:
• The Terminal system cannot connect to the Acquirer host
• Stand-In processing is configured for the American Express AID and SAC loaded
Procedures:
• Perform a sale using test card STP-0027 and enter the amount of 50.07 (below the post-comms Stand-In Floor Limit but above the pre-comms Stand-In Floor Limit)
• When requested, enter PIN 1234
Test Success Criteria:
• Merchant host denies authorization response with a response code of “05”
• Terminal does not send external authenticate command to card
• Terminal requests an AAC in 2nd generate AC
• Terminal sets ARC (tag 8A) when requesting the AAC to “05”
• Transaction is denied at Terminal
• Offline PIN try limit exceeded (TVR Byte 3, Bit 6 = 1)
• Transaction exceeds Stand-In Floor Limit (TVR Byte 4, Bit 8 = 1)

Test Case: STP-028 Denial Condition Met (PIN not entered)
Description: Transaction declined during Stand-In as Offline PIN is required but not entered
Pre-requisites and Settings:
• The Terminal system cannot connect to the Acquirer host
• Stand-In processing is configured for the American Express AID and SAC loaded
Procedures:
• Perform a sale using test card STP-0028 and enter the amount of 50.08 (below the post-comms Stand-In Floor Limit but above the pre-comms Stand-In Floor Limit)
• When PIN is prompted, bypass request
Test Success Criteria:
• Merchant host denies authorization response with a response code of “05”
• Terminal does not send external authenticate command to card
• Terminal requests an AAC in 2nd generate AC
• Terminal sets ARC (tag 8A) when requesting the AAC to “05”
• Transaction is denied at Terminal
• Offline PIN required, PIN Pad present but PIN not entered (TVR Byte 3, Bit 4 = 1)
• Transaction exceeds Stand-In Floor Limit (TVR Byte 4, Bit 8 = 1)
• PIN Bypass is performed at the Terminal
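The Stand-In decision that test cases STP-023 to STP-028 exercise, as an added example (not code from the AEIPS documents): each case's TVR bits are set, and the SAC is applied to the TVR as a denial mask in the way a Terminal Action Code (Denial) is, which is an assumption since the SAC bit layout is not defined on this page; the SAC value loaded for the denial cases is constructed.

```python
"""Stand-In decision over the TVR bits named in test cases STP-023 to STP-028.

Added example, not from the AEIPS documents. Assumptions: the SAC (Stand-In
Action Code) is a 5-byte mask applied to the TVR like a Terminal Action Code
(Denial), and the SAC loaded for the "Denial Condition Met" cases is constructed.
"""
from dataclasses import dataclass, field

# TVR bits cited in the test plan: name -> (byte 1..5, bit 8..1), EMV numbering.
TVR_BITS = {
    "offline_sda_failed":           (1, 7),
    "card_on_exception_file":       (1, 5),
    "expired_application":          (2, 7),
    "pin_try_limit_exceeded":       (3, 6),
    "pin_required_not_entered":     (3, 4),
    "exceeds_stand_in_floor_limit": (4, 8),
}


def tvr_from_flags(*flags: str) -> bytes:
    """Build a 5-byte TVR with the named bits set."""
    tvr = bytearray(5)
    for name in flags:
        byte_no, bit_no = TVR_BITS[name]
        tvr[byte_no - 1] |= 1 << (bit_no - 1)
    return bytes(tvr)


# Constructed SAC: deny on every condition the "Denial Condition Met" cases
# exercise, but not on the floor-limit bit, which every Stand-In case sets.
SAC_DENY_ALL = tvr_from_flags("offline_sda_failed", "card_on_exception_file",
                              "expired_application", "pin_try_limit_exceeded",
                              "pin_required_not_entered")   # 50 40 28 00 00
SAC_NONE = bytes(5)                                        # SAC of 0000000000 (STP-026a)


@dataclass
class StandInDecision:
    arc: str                     # value placed in tag 8A for the 2nd GENERATE AC
    cryptogram: str              # cryptogram type requested from the card: "AAC" or "TC"
    denial_conditions: list = field(default_factory=list)
    external_authenticate: bool = False   # no ARPC exists in Stand-In, so never sent


def stand_in_decide(tvr: bytes, sac: bytes) -> StandInDecision:
    """What the Terminal requests from the card when the Acquirer host is unreachable."""
    if len(tvr) != 5 or len(sac) != 5:
        raise ValueError("TVR and SAC must be 5 bytes each")
    met = [name for name, (b, bit) in TVR_BITS.items()
           if tvr[b - 1] & sac[b - 1] & (1 << (bit - 1))]
    if met:
        return StandInDecision(arc="05", cryptogram="AAC", denial_conditions=met)
    return StandInDecision(arc="00", cryptogram="TC")


# The 5.6.2 cases: (TVR bits the test expects, SAC loaded for the test).
TEST_CASES = {
    "STP-023": (("offline_sda_failed", "exceeds_stand_in_floor_limit"), SAC_DENY_ALL),
    "STP-024": (("card_on_exception_file", "exceeds_stand_in_floor_limit"), SAC_DENY_ALL),
    "STP-025": (("expired_application", "exceeds_stand_in_floor_limit"), SAC_DENY_ALL),
    "STP-026a": (("expired_application", "exceeds_stand_in_floor_limit"), SAC_NONE),
    "STP-027": (("pin_try_limit_exceeded", "exceeds_stand_in_floor_limit"), SAC_DENY_ALL),
    "STP-028": (("pin_required_not_entered", "exceeds_stand_in_floor_limit"), SAC_DENY_ALL),
}


def run_test_plan() -> dict:
    """Map each test case to the (ARC, cryptogram) outcome the Terminal should produce."""
    return {case: (d.arc, d.cryptogram)
            for case, (flags, sac) in TEST_CASES.items()
            for d in [stand_in_decide(tvr_from_flags(*flags), sac)]}


if __name__ == "__main__":
    for case, outcome in run_test_plan().items():
        print(case, outcome)
```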
AEIPS Test Plan Section 3. Submission Tests

If you are required to provide a file of transactions for submission as part of your approvals testing, then you are required to use the transactions indicated in this section.

Test Case: Settlement – Debit Transaction
Description: Transaction authorized Online and correctly presented in the submissions file
Pre-requisites and Settings: Terminal set up for AEIPS Terminal certification
Procedures:
• Perform a sale using test card AEIPS 10 and enter the required amount
• When prompted, enter PIN 1234
• Present the authorized transaction in the submission file and submit to American Express (if you are a direct submitter) or to your Acquiring bank/bureau
Test Success Criteria:
• Chip transaction approved Online
• Transaction presented in the submission file
• Submission file submitted in the agreed format

Test Case: Settlement – Credit Transaction
Description: Refund created for an Online authorized transaction and correctly presented in the submissions file
Pre-requisites and Settings: Terminal set up for AEIPS Terminal certification
Procedures:
• Perform a sale using test card AEIPS 10 and enter the required amount
• When prompted, enter PIN 1234
• Refund the authorized transaction of required amount
• Present the transaction and the refund in the submission file and submit it to American Express (if you are a direct submitter) or to your Acquirer
Test Success Criteria:
• Chip transaction approved Online
• Refund created for the authorized transaction
• Transaction presented in the submission file
• Submission file submitted in the agreed format

5.6.3. Tests That Are Performed When There Are Communication Changes

AEIPS Test Plan Section 4: Communication Change Tests

The following tests are based on whether there has been a communication change between the Terminal and American Express.

Test Case: AXP – COM 001
Description: Issuer authentication is successfully performed after a referral response
Pre-requisites and Settings: Terminal set up for AEIPS Terminal certification
Procedures:
• Perform a sale using test card AEIPS 10 and enter the required amount
• When prompted, enter PIN 1234
• Enter approval code of 55 when prompted
Test Success Criteria:
• Transaction is referred
• PIN is successfully validated
• ARPC returned in response from the American Express Acquirer
• Issuer authentication successfully performed
• Application label is printed/displayed on the receipt
• TC returned by the card in response to the 2nd generate AC command

Test Case: AXP – COM 002
Description: Online chip transaction, using AXP 1984 CAPK, and 126-byte script sent in authorization response
Pre-requisites and Settings: Terminal set up for AEIPS Terminal certification
Procedures:
• Perform a sale using test card AEIPS 14 and enter the required amount
• When prompted, enter PIN 1234
• Perform a second sale using test card AEIPS 14 and enter the required amount
• When prompted, enter PIN 1234
Test Success Criteria:
• Transaction approved Online
• SDA successfully performed
• PIN is successfully validated
• Issuer authentication successful
• Application label is printed/displayed on the receipt
• CVR on the second Online transaction indicates that the script was successfully processed in the last transaction

Test Case: AXP – COM 003
Description: An Online chip and PIN transaction that is declined by the host
Pre-requisites and Settings: Terminal set up for AEIPS Terminal certification
Procedures:
• Perform a sale using test card AEIPS 10 and enter the required amount
• When prompted, enter PIN 1234
Test Success Criteria:
• Transaction is declined
• PIN is successfully validated
• Issuer authentication successfully performed
• Application label is printed/displayed on the receipt

SECTION 6: MERCHANT EDUCATION

For new technology to succeed, it is vital that those responsible for using, managing, and maintaining that technology are properly trained. It is our experience that when implementing EMV, you cannot provide too much training. Moving to a new type of payment technology is a large change for a Merchant, and customers may become dissatisfied if transactions are not handled properly. It is critical that Merchants who migrate to EMV plan for, design, and execute a thorough staff-training program.

6.1. Guidance for a Successful Training Program

It is best if EMV training is delivered prior to implementing EMV in the Merchant environment. EMV training should also be readily available for staff to access if needed as a reference, and should be available on an ongoing basis for newly hired employees.

BEST PRACTICE:
• We recommend creating a quick reference guide with key information on accepting Chip Cards and magnetic stripe cards to be kept near the Terminal.
• We recommend making EMV training interactive and including hands-on practice accepting both Chip Cards and magnetic stripe cards.
• Additionally, it is recommended that Merchants work with their Acquirers if they have questions or need additional support relating to processing EMV transactions.
Some key topics that should be included in EMV training are:
• The benefits of EMV with regards to fraud risk and fraud liability
• Inserting the Chip Card
• Following the Terminal prompts
• Fallback
• PIN entry and PIN Bypass (as appropriate to local usage)
• Handling common customer inquiries
• The requirement to continue to accept all types of card products

APPENDIX A: CAPK INFORMATION

CAPK Format Detail

Unless otherwise stated, the values within the CAPK format are detailed in their hexadecimal representation.

Table A-1: CAPK Format Detail

| Field Name | Length (Bytes) | Hashed | Description |
|---|---|---|---|
| Header | 1 | No | Set to 20 |
| Service Identifier | 4 | No | American Express Product Identifier. Set to 00 00 00 00 |
| Length of CAPK Modulus | 2 | No | Length of CAPK modulus. Current valid values = 00 80 (1024 bits), 00 90 (1152 bits), 00 B0 (1408 bits), 00 F8 (1984 bits) |
| CAPK Algorithm Indicator | 1 | No | Cryptographic algorithm ID used to generate the CAPK. Set to 01 |
| Length of CAPK Exponent | 1 | No | Length of CAPK exponent. Set to 01 |
| RID | 5 | Yes | Set to A0 00 00 00 25 |
| CAPK Index | 1 | Yes | Unique CAPK index number |
| CAPK Modulus | Variable | Yes | CAPK modulus |
| CAPK Exponent | Variable | Yes | CAPK exponent. Set to 03 |
| Hash Value | 20 | No | Hash of components indicated in “Hashed” column |

Live CAPKs

There are four live CAPKs. They are sent out in text and binary formats in a zip file.

Table A-2: Live CAPKs

| Key File Name | CAPK Index | CAPK Length |
|---|---|---|
| Lca00003.dat, Lca00003.txt | 03 | 00 80 (hex) = 128 bytes = 1024 bits |
| Lca0000E.dat, Lca0000E.txt | 0E | 00 90 (hex) = 144 bytes = 1152 bits |
| Lca0000F.dat, Lca0000F.txt | 0F | 00 B0 (hex) = 176 bytes = 1408 bits |
| Lca00010.dat, Lca00010.txt | 10 | 00 F8 (hex) = 248 bytes = 1984 bits |

The text versions of these keys are included below:

Key Index 03 (1024)
Header: 20
Service Identifier: 00 00 00 00
Length of CAPK Modulus: 00 80
CAPK Algorithm Indicator: 01
Length of CAPK Exponent: 01
RID: A0 00 00 00 25
CAPK Index: 03
CAPK Modulus: (omitted)
CAPK Exponent: 03
Hash Value: 8708A3E3BBC1BB0BE73EBD8D19D4E5D20166BF6C

Key Index 0E (1152)
Header: 20
Service Identifier: 00 00 00 00
Length of CAPK Modulus: 00 90
CAPK Algorithm Indicator: 01
Length of CAPK Exponent: 01
RID: A0 00 00 00 25
CAPK Index: 0E
CAPK Modulus: (omitted)
Hash Value: A7266ABAE64B42A3668851191D49856E17F8FBCD

Key Index 0F (1408)
Header: 20
Service Identifier: 00 00 00 00
Length of CAPK Modulus: 00 B0
CAPK Algorithm Indicator: 01
Length of CAPK Exponent: 01
RID: A0 00 00 00 25
CAPK Index: 0F
CAPK Modulus: (omitted)
CAPK Exponent: 03
Hash Value: A73472B3AB557493A9BC2179CC8014053B12BAB4

Key Index 10 (1984)
Header: 20
Service Identifier: 00 00 00 00
Length of CAPK Modulus: 00 F8
CAPK Algorithm Indicator: 01
Length of CAPK Exponent: 01
RID: A0 00 00 00 25
CAPK Index: 10
CAPK Modulus: (omitted)
CAPK Exponent: 03
Hash Value: C729CF2FD262394ABC4CC173506502446AA9B9FD

APPENDIX B: DISPLAYABLE MESSAGES

Table B-1 details the possible messages that a Terminal may display during an AEIPS transaction. The table also provides details on when each message may be used. This is provided as guidance, but is not an exhaustive list.

Table B-1: Displayable Terminal Messages

| Message Text | Usage |
|---|---|
| AUTH CODE: nnnnn | Used to display the actual authorization code, or, if a transaction is approved by the Terminal, used to display the code that is created by the Terminal. |
| CALL AUTH CENTER | Used to inform the Merchant that a referral is needed upon the request of the Acquirer or due to connectivity issues. |
| CALL ISSUER | Used when a referral response is sent to the Terminal, indicating that the Merchant needs to contact the Issuer. |
| CALL HELP DESK | Used when the Terminal has a technical issue that requires assistance to resolve. |
| CARD NOT AUTHORIZED | Transaction not approved (see DECLINED). |
| CHECK SIGNATURE | Used to prompt for visual verification of the signature. |
| COMPLETED | Used to indicate that the transaction has finished. |
| CONNECTION MADE | Used to indicate connectivity has been successfully established between the Terminal and the Acquirer host. |
| DECLINED | Printed or displayed on completion of a voice referral where the Acquirer, Issuer, or card has declined the transaction, and the Merchant has indicated this to the Terminal. |
| DO NOT REMOVE CARD | Warns Cardmember/Merchant not to remove card. |
| ENTER AMOUNT | Used to prompt for amount entry. |
| CARDMEMBER ENTER PIN / ENTER PIN | Either of these can be used whenever the Cardmember is required to enter his or her PIN. |
| Message Text | Usage |
|---|---|
| ESTIMATED MAXIMUM AMOUNT XXX.XX / MAX AMOUNT XXX.XX / OPEN TAB MAXIMUM XXX.XX ENTER PIN | Used in hotels, car rental, restaurants, and bars when the Cardmember commences a transaction, the final value of which is not yet known. |
| EXPIRES MM/YY | Used to prompt for input of the card expiration date. |
| GRATUITY? ENTER/CANCEL | Used to allow Cardmembers the opportunity to add a gratuity. |
| INSERT AGAIN | Used to indicate that the chip has not been read successfully. |
| INSERT CARD | Used to prompt that the Chip Card be inserted rather than swiped. |
| ISSUER DECLINE – CARDMEMBER SHOULD CONTACT ISSUER / DECLINED BY CARD – CARDMEMBER SHOULD CONTACT ISSUER | Used to inform both Merchant and Cardmember of the transaction result and the action they need to take. |
| KEY CARD NUMBER | Used to indicate that the magnetic stripe has not been read successfully three times. |
| LAST PIN TRY / INCORRECT PIN – LAST PIN TRY | Warns Cardmember that he or she is about to have a final attempt at entry before the PIN may be locked. |
| LINE BUSY | Used to indicate that the telephone line to which the Terminal is connected is already in use. |
| LOADING | Used to indicate the Terminal is receiving configuration data from a remote computer. |
| MAXIMUM $XX – PLEASE ENTER PIN | Indicates the maximum amount for which the transaction can be completed. |
| OPEN TAB MAXIMUM $XX.XX ENTER PIN | Used in bars and restaurants to advise the Cardmember of the maximum amount they may be charged, when a card is held behind the bar until the final payment is made. |
| PASS CARD TO MERCHANT | Used to prompt Cardmember to hand card to cashier. |
| PIN ERROR or INVALID PIN / INCORRECT PIN – CARDMEMBER RETRY | Used to indicate an incorrect PIN has been entered. |
| PIN LOCKED / PIN TRY LIMIT EXCEEDED – CALL ISSUER | Used to indicate that the PIN on the Chip Card has been locked on this or a previous transaction, where PIN try counter = 0. |
| PIN OK | Used to signify that PIN entry was correct. |
| PLEASE INITIALIZE | Used to indicate that the Terminal needs to perform initialization to download new software or parameters (“PSE INITIALIZE” if only 16 digits of display are available). |
| PROCESSING – PLEASE WAIT | Used when the Terminal is interacting with the card, during which time the card should not be removed. |
| PLEASE WAIT | Used on receipt of a “hold” message with an empty message data element; otherwise the Terminal shall display the message data element contents. |
| REFERRAL | Used to inform the Merchant that a referral is needed or is underway. |
| REMOVE CARD | Used to prompt either Cardmember or Merchant to remove the card from the Terminal. |
| REQUEST INVALID | Used to indicate that the requested transaction is not supported for the card presented. |
| SELECT PAYMENT TYPE | Used when multiple payment options are available from a single card (e.g., credit or debit). |
| SESSION TOTALS NOT AGREED / UNCONFIRMED / CANNOT CONFIRM | Used during a reconciliation to advise the Merchant of the status of the reconciliation transaction. |
| STORE FULL | Used to advise the Merchant that the post-event store of transactions is full and the Terminal needs to contact the Acquirer. |
| SUPERVISOR CARD | Used to prompt the swiping or insertion of the supervisor card in order that certain functions can proceed. |
| SWIPE AGAIN | Used to indicate that the magnetic stripe has not been read successfully. |
| SWIPE CARD | Used at the point in the procedure where card input is required for a magnetic stripe card. |
| TRANSACTION COMPLETE | Signifies that the transaction has been completed. |
| TRANSACTION VOID | Used if the transaction is canceled at the Terminal prior to completion of a voice referral. |
| UNABLE TO GO ONLINE, OFFLINE APPROVED | May be used to provide further advice on how the transaction has been processed. |
| UNABLE TO GO ONLINE, OFFLINE DECLINED | May be used to provide further advice on how the transaction has been processed. |
| VALID FROM MM/YY | Used to prompt for input of the card effective date. |

APPENDIX C: GLOSSARY AND ACRONYMS

4CSC: Four-Digit Card Security Code
4DBC: Four-Digit Batch Code
AAC: Application Authentication Cryptogram. A type of Cryptogram indicating that the Chip Card has declined the transaction
AC: Application Cryptogram
Acquirer: An entity that has a contract with a Merchant pursuant to which: i. A Cardmember is entitled to charge purchases of goods or services at such a Merchant by means of a card, and ii. The Merchant agrees to transfer such charges to the Acquirer
AEIPS: American Express ICC Payment Specification. AEIPS has two separate specifications:
• AEIPS Chip Card Specification [AEIPS-CARD], which defines the technical data elements and functionality for all American Express entities when implementing Chip Cards.
• AEIPS Terminal Specification [AEIPS-TERM], which outlines the Terminal functionality required to process American Express EMV transactions.
AID: Application Identifier. A value defined by [ISO 7816-5] and used to identify the application to the Terminal
ANSI: American National Standards Institute
Application Selection Indicator: An indicator within the Terminal software that determines whether partial application selection can occur
ARPC: Authorization Response Cryptogram. A type of Cryptogram generated by the Issuer, used to enable the Chip Card to validate the authorization response
ARQC: Authorization Request Cryptogram. A type of Cryptogram that is generated by a Chip Card when it determines that a transaction should be sent Online
ARC: Authorization Response Code
ASCII: American Standard Code for Information Interchange. A code for representing characters as binary numbers
AXP: American Express
BIN: Bank Identification Number. A six-digit number identifying the Issuer institution. It is also used as the first six digits of a card account number issued by the Issuer.
CAPK: Certificate Authority Public Key
Card Authentication: The process by which EMV-compliant Chip Cards authenticate themselves to Terminals and Issuer systems
Cardholder Verification: The process by which the Cardmember’s identity is verified
Cardmember: A person who has entered into an agreement and established a card account with any Issuer, or a person whose name is embossed on a card
CDA: Combined DDA / AC generation
Chip Card: A card that has a silicon chip embedded into it
Cryptogram: Security data created by the Chip Card or Issuer systems and used to validate a transaction or authorization response
CVM: Cardholder Verification Method
CVR: Card Verification Results
DDA: Dynamic Data Authentication. A means by which a Terminal can authenticate a Chip Card, as defined by EMV
DDOL: DDA Data Object List
EMV: A term that is used to refer to the global specifications maintained by EMVCo. The application that resides on the Chip Card, and the application that resides on the Terminal used to generate transactions. “EMV” is a trademark of EMVCo, LLC.
EMVCo: EMVCo LLC, the organization that manages the EMV specifications and the approval process for cards and Terminals
Exception File: A file of account numbers used during Stand-In authorization, for which the Issuer has predetermined either an authorization decision of denial (i.e., negative status), or requires special handling (i.e., VIP)
Fallback: When an EMV transaction cannot be completed in an EMV-enabled Terminal utilizing EMV technology, the Terminal then reads the magnetic stripe
Floor Limit: The maximum monetary amount for a single transaction, at or above which authorization must be obtained before completing the transaction
IAC: Issuer Action Code
IAD: Issuer Authentication Data
ICC: Integrated Circuit Card, alternate term for Chip Card
ISO: International Organization for Standardization
Issuer: Any entity issuing a payment card or engaging in the payment card issuing business
Issuer Script: A collection of card commands constructed and sent by the Issuer for the purpose of updating and managing their cards
LCOL: Lower Consecutive Offline Limit
MAC: Message Authentication Code
Merchant: Any person who has entered into a contract with an Acquirer, wherein such entity agrees to: i. Permit any Cardmember to charge purchases of goods and services at or from such entity by means of a card, and ii. Transfer such charges to an Acquirer
Offline: When a transaction is performed without the Terminal connecting to the Acquirer
Online: A transaction that is sent to the Acquirer prior to transaction completion
PAN: Primary Account Number
Payment Brands: A party operating a card payment network
PCI DSS: Payment Card Industry Data Security Standard
PED: PIN Entry Device
PIN: Personal Identification Number
PIN Bypass: A program allowing Merchants at a Chip/PIN Terminal to proactively bypass the PIN entry to prevent high authorization declines due to a Cardmember’s inability to remember his or her PIN
PIN Pad: The component of a Terminal that is used by the Cardmember to enter the PIN for Cardholder Verification
PIX: Proprietary Application Identifier Extension
POS: Point of Sale; see Terminal
Reseller: An entity that buys Terminals from a Terminal Vendor, develops and implements country-specific software, and then resells them to Merchants or other customers
RID: Registered Application Provider Identifier
SAC: Stand-In Action Code
SDA: Static Data Authentication. A means by which a Terminal can authenticate a Chip Card, as defined by EMV
Stand-In: When an Issuer is not available to authorize a transaction, the Merchant can Stand-In for the Issuer and make a decision as to whether or not he or she is willing to accept the risk and authorize the transaction
Stand-In Floor Limit: A maximum monetary amount for a single Stand-In transaction, at or above which the Merchant must obtain an authorization before completing the transaction. This value is only used during Stand-In and can be loaded into the Terminal or the Third Party Processor’s host system
TAC: Terminal Action Code
TC: Transaction Certificate. A digital signature comprised of Issuer selected data objects. The TC is generated by the Chip Card at the end of an approved transaction, enabling the Issuer to verify that critical chip data was not changed prior to card validation
TDOL: Transaction Certificate Data Object List
Terminal: A device capable of accepting American Express Card products for payment for goods or services
Terminal Floor Limit: A maximum monetary amount for a single transaction, loaded into the Terminal, at or above which the Terminal must obtain an authorization before completing the transaction
Terminal Vendor: A party that manufactures and sells Terminals
Third Party Processor: A party that processes American Express transactions on behalf of Merchants, Acquirers, or Issuers
TVR: Terminal Verification Results
UPT: Unattended Payment Terminal. An unattended, card-reading device that dispenses a product or provides a service which is paid for with a card (e.g., gasoline pump), upon activation by a valid card. Also known as a Card-Activated Terminal or CAT
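The CAPK record layout of Appendix A (Table A-1) as a parser with the integrity check a Terminal should apply before loading a key, added here as an example and not code from American Express or the AEIPS documents. It assumes the 20-byte Hash Value is SHA-1 over the fields marked Hashed (RID, CAPK Index, CAPK Modulus, CAPK Exponent); the modulus it serialises is a constructed sample, not one of the live CAPKs.

```python
"""Parse and integrity-check an American Express CAPK record (Appendix A, Table A-1 layout).

Added example, not code from American Express or the AEIPS documents. Assumes the
20-byte Hash Value is SHA-1 over the fields marked "Hashed" (RID, CAPK Index,
CAPK Modulus, CAPK Exponent); the modulus used below is a constructed sample.
"""
import hashlib
from dataclasses import dataclass

AMEX_RID = bytes.fromhex("A000000025")
HEADER = 0x20
SERVICE_IDENTIFIER = b"\x00\x00\x00\x00"
RSA_INDICATOR = 0x01
# Length of CAPK Modulus field -> key size in bits (the Table A-1 valid values)
VALID_MODULUS_LENGTHS = {0x0080: 1024, 0x0090: 1152, 0x00B0: 1408, 0x00F8: 1984}
HASH_LEN = 20


@dataclass
class Capk:
    index: int
    modulus: bytes
    exponent: bytes
    hash_value: bytes      # Hash Value field carried in the record
    computed_hash: bytes   # what the hashed fields actually hash to

    @property
    def bits(self) -> int:
        return len(self.modulus) * 8

    @property
    def is_valid(self) -> bool:
        """Only a record whose hash matches should be loaded into a Terminal."""
        return self.hash_value == self.computed_hash


def capk_checksum(rid: bytes, index: int, modulus: bytes, exponent: bytes) -> bytes:
    """SHA-1 over the 'Hashed' fields in record order (assumption, see module docstring)."""
    return hashlib.sha1(rid + bytes([index]) + modulus + exponent).digest()


def build_capk_record(index: int, modulus: bytes, exponent: bytes = b"\x03") -> bytes:
    """Serialise a CAPK in the Table A-1 layout, computing the Hash Value."""
    if len(modulus) not in VALID_MODULUS_LENGTHS:
        raise ValueError(f"unsupported modulus length {len(modulus)} bytes")
    rec = bytes([HEADER]) + SERVICE_IDENTIFIER
    rec += len(modulus).to_bytes(2, "big")        # Length of CAPK Modulus
    rec += bytes([RSA_INDICATOR, len(exponent)])  # Algorithm Indicator, Length of CAPK Exponent
    rec += AMEX_RID + bytes([index]) + modulus + exponent
    return rec + capk_checksum(AMEX_RID, index, modulus, exponent)


def parse_capk_record(data: bytes) -> Capk:
    """Parse one record, rejecting anything that does not match Table A-1."""
    if len(data) < 15 + HASH_LEN:
        raise ValueError("record too short")
    if data[0] != HEADER:
        raise ValueError("Header is not 20")
    if data[1:5] != SERVICE_IDENTIFIER:
        raise ValueError("Service Identifier is not 00 00 00 00")
    mod_len = int.from_bytes(data[5:7], "big")
    if mod_len not in VALID_MODULUS_LENGTHS:
        raise ValueError(f"Length of CAPK Modulus {mod_len:04X} is not a valid value")
    if data[7] != RSA_INDICATOR:
        raise ValueError("CAPK Algorithm Indicator is not 01")
    exp_len = data[8]
    rid, index = data[9:14], data[14]
    if rid != AMEX_RID:
        raise ValueError("RID is not A0 00 00 00 25")
    pos = 15
    modulus = data[pos:pos + mod_len]
    pos += mod_len
    exponent = data[pos:pos + exp_len]
    pos += exp_len
    hash_value = data[pos:pos + HASH_LEN]
    if len(data) != pos + HASH_LEN:
        raise ValueError("record length does not match the declared field lengths")
    return Capk(index, modulus, exponent, hash_value,
                capk_checksum(rid, index, modulus, exponent))


def is_well_formed(data: bytes) -> bool:
    """True when the record parses; the hash check is separate (Capk.is_valid)."""
    try:
        parse_capk_record(data)
        return True
    except ValueError:
        return False


# Constructed 128-byte sample modulus (not a live American Express CAPK).
SAMPLE_MODULUS = bytes([0xB0]) + bytes(range(1, 128))

if __name__ == "__main__":
    record = build_capk_record(0x03, SAMPLE_MODULUS)
    key = parse_capk_record(record)
    print(f"index {key.index:02X}, {key.bits} bits, hash ok: {key.is_valid}")
```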