0

I have the same problem as in this question

but I am using a MasterCard card that supports CDA.

Description of the problem:

When I try to run the CDA I get the following data:

TVR: 0400008000 ("CDA Failed, Exceeds Floor Limit")
IAC DENIAL: 0000000000
TAC DENIAL: 0000000000
TAC ONLINE: FC50B8A000
IAC ONLINE: F870A49800

the AID card is A0000000041010 so it processes it with the mastercard TACs and IACs, I am sure that this transaction must generate an ARQC but it is generating an AAC since the value of the 9f27 tag is 0x00.

I would appreciate it very much, Thank you.

Eugene Sh.
  • 17,802
  • 8
  • 40
  • 61
Rockdrigho
  • 1
  • 2
  • update your original question with full logs after masking sensitive data. You can ignore Byte 4 Bit 8, Transaction exceeds floor limit for the time being as the TAC and IAC denial does not have any bits turned on. More analysis need to be done on the the CDA failed bit. – Adarsh Nanu Jul 12 '18 at 04:20

2 Answers2

0

he solved my problem, the solutions is as follows:

  1. update the collis
  2. Verify that all public keys are available for the card and are well constructed in the file that the verifone terminal needs (in my case it is the file with A00000025.EF)
  3. Verify that the index is included in the EST.dat file

:)

Rockdrigho
  • 1
  • 2
-1

I have implemented a EMV payment framework (https://github.com/vicente-da-silva/dcemv). this implements both EMV contactless and contact kernels. You can try and do the transaction in the framework and follow the logic, and see if the framework behaves the same as the VeriFone and therefore why it does not go online, or if the behavior of the framework is different from the VeriFone, then perhaps the VeriFone kernel is not behaving correctly. The logic you need is in the TerminalActionAnalysis_7_8.cs for either the contact or contactless kernel.

aquamoon
  • 15
  • 6
  • I'm sure it's been incredible amount of work, but I would strongly discourage from suggestions that well established industry solutions do no comply to standard, especially pushing while your own agenda. It's hard to tell from the first look but I do have doubts if your kernel could be used as a reference. For example, the file you are referencing is present only in contactless kernel? I cannot see any DefaultTDOL usage references – Michal Gluchowski Jul 16 '18 at 12:04
  • 1
    Line 219 of state_6_WaitingForTerminalRiskManagement is where you will find the contact logic. As you said it’s hard for you to tell from a first look. I use the same certification tests others do, so I’m confident in the work I have done. I was simply offering a possible solution for the poster to try and figure out the problem they are having. – aquamoon Jul 17 '18 at 13:04