5

I received the the following IAD after processing the GPO command, my question then, how is the 9F10 EMV token constructed? Here is the token.

06010A03A020000F04000000000000000000006232E4F9

I am required to send only the CVR portion to the acquiring switch.

Kiran Maniya
  • 8,453
  • 9
  • 58
  • 81
Blackbox First
  • 67
  • 1
  • 1
  • 7

2 Answers2

6

From EMV 4.3 Book 3 Common Core Definitions, Application Specification, November 2011, Page 206, C7.2 The CVR has a fixed length of 5 bytes (10 hexadecimals characters) that are the bytes 4-8 included of Issuer Application Data, EMV tag 9F10. The 3 first bytes of 9F10 being the following.

b1 the length
b2 derivation key index
b3 the cryptogram version

EMV book issuer application data

It seems however that the format of this field might vary between schemes.

Nicolas Henneaux
  • 11,507
  • 11
  • 57
  • 82
5

Looking at the cryptogram version I assume this is from a Visa card. The TLV is 9F10 17 06010A03A020000F04000000000000000000006232E4F9 ?

17 is the total length of the data
06 is the length of issuer descretionary data
01 is derivation key index
0A is the cryptogram version (10 in this case ).
03 Length of CVR
A02000 is the CVR here
Adarsh Nanu
  • 2,133
  • 1
  • 13
  • 18
  • Thanks. Is this a standardized format? I am recieving the following 9F10120210A5800F04000000000000, but it seems wrong because it doesn't follow the format you described. This is a mastercard card, not sure if it follows a different format? – Ken Jan 06 '20 at 09:21
  • 1
    No each payment scheme there is a different format. But generally DKI and CVN comes, followed by CVR, Offline counters etc. – Adarsh Nanu Jan 06 '20 at 09:33
  • @AdarshNanu how you calculate the total length = 17? – NMMA Jun 19 '22 at 21:14
  • @NMMA length( 06010A03A020000F04000000000000000000006232E4F9 ) = 46 = 23 bytes = 0x17 – Adarsh Nanu Jun 20 '22 at 03:57