Radu Ch. — Implementing Electronic Card Payment Systems

Subject index
Access control 369
Accumulators 281—283
Accumulators, application off-line 283
Accumulators, application period 282
Accumulators, card off-line 283
Accumulators, card period 282
Accumulators, limit parameters 282—283. See also Card risk management (CRM)
Acquirer in counterfeit transactions 234—235
Acquirer in fraudulent transactions 235
Acquirer in message flows 41—45
Acquirer, defined 15
Acquirer, fallback requirements 233
Acquirer, host (AH) 37
Acquirer, node (AN) 37
Acquirer, parameters 197—198
Acquirer, security policies 203
Action codes 201—203
Action codes, issuer 201—202
Action codes, terminal 203
Administration-to-consumer (A2C) payment 1
AES block cipher 402—404
AFL 141—142
AFL, AEF file entries 141—142
AFL, defined 141
AFL, EMV debit/credit 154—156
AFL, EMV debit/credit, processing 156—158. See also Signed static application data
Algorithmic state machines (ASM) 67
Amount authorized per cycle period parameter 23
Amount remaining this cycle parameter 23
Anonymity 300—302
Answer-to-reset (ATR) 93
Application Cryptogram (AC), case 1 computation 213—214
Application Cryptogram (AC), case 2 computation 214—215
Application Cryptogram (AC), computation 208—217
Application Cryptogram (AC), defined 204 212
Application Cryptogram (AC), generation 211
Application Cryptogram (AC), generation conditions 161
Application Cryptogram (AC), master key for 213
Application Cryptogram (AC), verification 215—217
Application definition files (ADFs) 84—86
Application definition files (ADFs) as application data container 85
Application definition files (ADFs) in EMV file system 99—106
Application definition files (ADFs), Application Label (tag 50) 101
Application definition files (ADFs), Application Preferred Name (tag 9F12) 101
Application definition files (ADFs), Application Priority Indicator (tag 87) 101—102
Application definition files (ADFs), defined 99
Application definition files (ADFs), DF Name (tag 84) 100
Application definition files (ADFs), direct application selection service and 103
Application definition files (ADFs), directory entries 114
Application definition files (ADFs), elements 84—85
Application definition files (ADFs), FCI Issuer Discretionary Data (tag BF0C) 102—103
Application definition files (ADFs), FCI of 100
Application definition files (ADFs), Insert Code Table Index (tag 9F11) 101
Application definition files (ADFs), Language Preference (tag 5F2D) 101
Application definition files (ADFs), partial name selection 103—106
Application definition files (ADFs), Processing Options Data Object List (tag 9F38) 102
Application definition files (ADFs), referencing 84
Application definition files (ADFs), structure 99
Application Effective Date 178 272—273
Application elementary files (AEFs) 83
Application elementary files (AEFs) with SFI in range of 1 to 10 106—107
Application elementary files (AEFs) with SFI in range of 11 to 20 107—108
Application elementary files (AEFs) with SFI in range of 21 to 30 107—108
Application elementary files (AEFs), AFL 141—142
Application elementary files (AEFs), data template example 109
Application elementary files (AEFs), defined 106
Application elementary files (AEFs), EMV debit/credit application 148
Application elementary files (AEFs), in EMV file system 106—108
Application elementary files (AEFs), storing directory file 108
Application Expiration Date 178 272—273
Application Interchange Profile (AIP), defined 87
Application Interchange Profile (AIP), EMV debit/credit 154—156
Application protocols (layer 7) 65
Application Transaction Counter (ATC) 74 154
Application Usage Control 175—178 271—272
Application Version Number 174—175 272
Applications See Card applications; E-commerce applications
Asymmetric cryptographic support 87—90
Asymmetric encryption 375—376
Asymmetric PIN verification 390—391
ATM terminal, payment message forwarding 12
ATM terminal, processing 10—11
ATM terminal, RAM 10
Authentication services (AS) 301—302
Authentication, cardholder account 303
Authentication, data 301—302 367
Authentication, data (SET) 320
Authentication, dynamic card 368
Authentication, dynamic data (DDA) 94 148 165—174
Authentication, entity 302—303
Authentication, entity (SET) 320
Authentication, issuer 221—222 368
Authentication, issuer, error 276 283—284
Authentication, off-line card 368
Authentication, on-line card 368
Authentication, signed dynamic data 173—174
Authentication, static card 368
Authentication, terminal 368
Authorization in EMV™ debit/credit transaction 151
Authorization request cryptogram (ARQC) 204
Authorization Response Code (ARC) 220
Authorization, message 13
Authorization, on-line, not completed 276
Authorization, payment (SET) 323 328—331
Authorization, request response message 47
Authorization, request/response 218—221 353—354
AuthReq 328—329 353
AuthRes 329—331 354
BER-TLV encoding 82—84
BER-TLV encoding, defined 82
BER-TLV encoding, efficiency 84
BER-TLV encoding, illustrated 83
Biased selection function 198—199
Biometrics 391—392
Block ciphers 399—406
Block ciphers, AES 402—404
Block ciphers, block size 400
Block ciphers, cipher block chaining mode (CBC) 401
Block ciphers, cipher feedback chaining mode (CFB) 401
Block ciphers, defined 399
Block ciphers, DES 402—404
Block ciphers, electronic codebook mode (ECB) 401
Block ciphers, key derivation 405—406
Block ciphers, key size 400
Block ciphers, MAC with 64 bit-length 404—405
Block ciphers, modes of operation 400—402
Block ciphers, output feedback chaining mode (OFB) 401
Block ciphers, parameters 399—400
Block ciphers, Triple-DES 402—404
Business contexts 257—258
Business environment data elements 35
Business-to-consumer (B2C) payment 1
C-APDU 65—66 67
C-APDU, EXTERNAL AUTHENTICATE command 221
C-APDU, GENERATE AC command 209
C-APDU, GET CHALLENGE command 189
C-APDU, GET DATA command 188
C-APDU, GET PROCESSING OPTIONS command 153 257 345
C-APDU, INTERNAL AUTHENTICATE command 170
C-APDU, READ RECORD command 107
C-APDU, SELECT command 104
C-APDU, VERIFY command 190
CA public keys, elements 129
CA public keys, terminal database of 131. See also Public key certificates
Candidate list 115—116
Candidate list, building process 115—116
Candidate list, building, directly 119—121
Candidate list, building, from PSE 118—119
CapReq 331
CapRes 332
Card acceptor 14—15
Card applications, allocation tables for 244
Card applications, example 244—245
Card applications, mapping to triples 243
Card applications, set selection 243—246
Card association in clearing process 48
Card association, card products 16
Card association, defined 15
Card association, types of 16
Card authentication 76
Card authentication method (CAM) 87
Card authentication method (CAM), design criteria 259—267
Card authentication method (CAM), off-line dynamic 259
Card authentication method (CAM), off-line static 259
Card authentication method (CAM), on-line dynamic 259—260
Card authentication method (CAM), security considerations 263—267
Card authentication method (CAM), support resource needs 260
Card authentication method (CAM), types of 259—260
Card file structure 252
Card products 16
Card risk management (CRM) 273—286
Card risk management (CRM), components 273—274
Card risk management (CRM), data 278—283
Card risk management (CRM), external data objects 278
Card risk management (CRM), financial accumulators and accumulator limit parameters 281—283
Card risk management (CRM), input/output perspective 274
Card risk management (CRM), internal data objects 278
Card risk management (CRM), processing counters and counter limit parameters 280—281
Card risk management (CRM), specification 273
Card risk management (CRM), transaction flow tags 279—280. See also CRM functions
Cardholder access devices 295
Cardholder access devices, EMV chip cards in 340—341
Cardholder access devices, threats 299—300
Cardholder system, account selection request 352
Cardholder system, application list building 344
Cardholder system, application selection mechanism 344—345
Cardholder system, cardholder verification 347—349
Cardholder system, commonChip extension 352—353
Cardholder system, EMV card application hosting 345
Cardholder system, EMV chip card interaction 353
Cardholder system, GET PROCESSING OPTIONS command 345
Cardholder system, not receiving PRes message 355
Cardholder system, off-line PIN entry prompt 348
Cardholder system, on-line PIN entry prompt 348
Cardholder system, payment options 342
Cardholder system, PInitReq creation 346
Cardholder system, PInitRes reception 346
Cardholder system, PReq creation 350—351
Cardholder system, PRes message and 355
Cardholder system, read application data 345
Cardholder system, receiving PRes message 355
Cardholder system, terminal action analysis 349—350. See also Chip e-commerce
Cardholder Verification Method (CVM) 87
Cardholder Verification Method (CVM), Code (CVM code) 181—182 259
Cardholder Verification Method (CVM), Condition Code (CVM Condition Code) 182 258
Cardholder Verification Method (CVM), design criteria 267—270
Cardholder Verification Method (CVM), enciphered PIN verified on-line 267—268 387—388
Cardholder Verification Method (CVM), implementation requirements 269—270
Cardholder Verification Method (CVM), manual signature 387
Cardholder Verification Method (CVM), plaintext/enciphered PIN verification by ICC 268 388—389
Cardholder Verification Method (CVM), support resources 269
Cardholder Verification Method List (CVM List) 182—183 258
Cardholder Verification Method List (CVM List), definition policies 270
Cardholder Verification Method List (CVM List), guidelines 270
Cardholder verification with biometrics 391—392
Cardholder verification, chip e-commerce 347—349
Cardholder verification, common processing (terminal) 184—186
Cardholder verification, data objects in 181—183
Cardholder verification, defined 178—179
Cardholder verification, EMV debit/credit 178—195
Cardholder verification, EMV methods 179—181
Cardholder verification, impersonation vs. 27—29
Cardholder verification, mechanisms 387—392
Cardholder verification, off-line PIN processing 186—191
Cardholder verification, on-line PIN processing 194—195
Cardholder verification, RSA digital envelope 191—194
Cardholder verification, rules (CVRs) 181 258
Cardholder, accounts database 33
Cardholder, defined 14
Cardholder, impersonation 364
Cardholder, non-repudiation service 303—304
Cardholder, registration 316
CDOL1/CDOL2 209—211
Certification Authority 313—315
Certification authority, algorithm 315
Certification authority, illustrated 315
Certification authority, root 314. See also SET
Chip cards See ICCs
Chip e-commerce, account/card selection 342
Chip e-commerce, application processing initiation 345—346
Chip e-commerce, application selection 344—345
Chip e-commerce, authorization request/response 353—354
Chip e-commerce, AuthReq 353—354
Chip e-commerce, AuthRes 354
Chip e-commerce, cardholder verification 347—349
Chip e-commerce, EMV application context 342—346
Chip e-commerce, EMV transaction profile 342—344
Chip e-commerce, PANData template 351 352
Chip e-commerce, PReq 350
Chip e-commerce, purchase initialization 346—347
Chip e-commerce, purchase request and response 350—353
Chip e-commerce, terminal action analysis 349—350
Chip e-commerce, transaction completion 355—356
Chip e-commerce, transaction flow 341
Chip e-commerce, transaction processing 340—356
Chip migration 3—4 53—90
Chip migration, business case for 54—56
Chip migration, cost of 55
Chip migration, revenue streams and 56
Cipher block chaining mode (CBC) 401
Cipher feedback chaining mode (CFB) 401
Clearing batch file 48
Clearing, card association and 48
Clearing, defined 47
Clearing, off-line 42—43
Clearing, on-line 42 44
Colluding attacks 33—34
Command application protocol data unit See C-APDU
Command/response format 65—66
Command/response format, C-APDU 65—66
Command/response format, interoperable payment application 87
Command/response format, preestablished 73—75
Command/response format, proprietary payment application 73—75
Command/response format, R-APDU 66
Command/response format, variable 87. See also ICCs
Common Electronic Purse Specification (CEPS) 371
CommonChip extension 352—353
Communications channel threats 296—299
Communications channel threats, data modification 297—298 365
Communications channel threats, denial-of-service 299 365
Communications channel threats, impersonation 298—299
Communications channel threats, interception 364
Communications channel threats, physical penetration 365—366
Communications channel threats, sniffing 296—297
Communications channel threats, time coordinate 365
Communications channel threats, wiretapping 363—364. See also Remote card payment security; Threats
Confidentiality, data 367
Confidentiality, secure messaging for 367
Confidentiality, services (CS) 301
Consistency rules 158—160
Consumer-to-consumer (C2C) payment 1
Counterfeit transactions 233—234
Counterfeit transactions, acquirer in 234
Counterfeit transactions, issuer in 235
Counterfeit transactions, liability distribution 234
Counterfeiting 31—33 54
Counterfeiting, defined 31—32
Counterfeiting, embossed financial data 32
Counterfeiting, track 3 and 32. See also Threats
Credit cards 16—17