Radu Ch. — Implementing Electronic Card Payment Systems :: Электронная библиотека попечительского совета мехмата МГУ

Главная Ex Libris Книги Журналы Статьи Серии Каталог Wanted Загрузка ХудЛит Справка Поиск по индексам Поиск Форум

Авторизация

Поиск по указателям

Radu Ch. — Implementing Electronic Card Payment Systems

Обсудите книгу на научном форуме

Нашли опечатку?
Выделите ее мышкой и нажмите Ctrl+Enter

Название: Implementing Electronic Card Payment Systems

Автор: Radu Ch.

Аннотация:

Radu, an electrical engineer who works as a consultant for payment systems and telecom operations in Belgium, has written a thorough description of EMV chip card technology. Following a description of chip migration with EMV and its use for debit and credit cards, Radu details the processing of such cards, including remote card payments, with attention to various formats. A lengthy section of appendices details the technology's security framework, threats, services, mechanisms, and risk management.

Язык:

Рубрика: Технология/

Статус предметного указателя: Готов указатель с номерами страниц

ed2k: ed2k stats

Год издания: 2003

Количество страниц: 464

Добавлена в каталог: 20.08.2007

Операции: Положить на полку | Скопировать ссылку для форума | Скопировать ID

Предметный указатель

Credit cards, APR      17
Credit cards, defined      16—17
Credit cards, stolen      28. See also Payment cards
CRM functions      273 274—278
CRM functions, categories      275
CRM functions, DDA processing error      276
CRM functions, definitions      283—286
CRM functions, input values      278
CRM functions, issuer authentication error      276 283—284
CRM functions, issuer script processing error      277
CRM functions, on-line authorization not completed      276
CRM functions, overspending in a period      277 284—286
CRM functions, overspending in consecutive off-line transactions      277—278
CRM functions, PDOL processing error      375
CRM functions, PIN try limit exceeded      276
CRM functions, SDA processing error      275. See also Card risk management (CRM)
Crypto check digits (CCD)      24
Cryptographic hash functions      376—380
Cryptographic hash functions, defined      377
Cryptographic hash functions, MAC      379—380
Cryptographic hash functions, proposed      378
Cryptographic hash functions, requirements      377—378. See also Security mechanisms
Cryptographic primitives      360—361
Cryptographic support, asymmetric      87—90
Cryptographic support, symmetric      76—80
Cycle begin parameter      23
Cycle length parameter      23
Data authentication      301—302 367
Data authentication, components      369
Data authentication, enforcing      369. See also Security services
data confidentiality      367
Data modification threat      297—298
Data modification threat, active wiretapping assumption      365
Data modification threat, forms      365. See also Communications channel threats; Threats
Data object list (DOL)      87
Data object list (DOL), contents      87
Data object list (DOL), dynamic (DDOL)      263
Data object list (DOL), variable command data input with      88
Data objects in cardholder verification      181—183
Data objects, CRM      278
Data objects, EMV $\texttrademark$ defined      248—249
Data objects, financial accumulators      281—283
Data objects, processing counters      280—281
Data objects, proprietary-defined      249—253
Data objects, sharable      250—251
Data objects, Terminal Type      265
Data objects, transaction flow flags      279—280
Data transmission protocols (layer 2)      65
Debit cards      16—17
Debit cards, defined      17
Debit cards, stolen      28. See also Payment cards
Dedicated files (DFs)      60
Dedicated files (DFs) as data container      61
Dedicated files (DFs), cryptographic keys      62
Dedicated files (DFs), referencing      62—63. See also Files
denial-of-service attacks      299 365
DES block cipher      402—404
Digital certificates      311
Digital signature schemes      380—383
Digital signature schemes with appendix      382—383
Digital signature schemes with PKCS#1      414—416
Digital signature schemes, attacks and      382
Digital signature schemes, items      380—381
Digital signature schemes, key generation algorithm      380
Digital signature schemes, ordinary signing protocol      381
Digital signature schemes, requirements      381—382
Digital signature schemes, signature generation algorithm      381
Digital signature schemes, signature verification algorithm      381
Digital signature schemes, signing procedure      381. See also Security mechanisms
Digital signature with recovery      383 410—413
Digital signature with recovery, defined      410—411
Digital signature with recovery, signature generation      411—412
Digital signature with recovery, signature verification      412—413
Digital signature-based DDA      395—396
Directories, entries, ADF/DDF      114
Directories, entries, encoding      108—109
Directories, implementation      108
Directories, structure      110—112
Directory definition files (DDFs)      84—86
Directory definition files (DDFs) as entry point to ADFs      108
Directory definition files (DDFs) in EMV $\texttrademark$ file system      108—112
Directory definition files (DDFs), defined      86
Directory definition files (DDFs), directory entries      114
Directory definition files (DDFs), FCI of      109—110
Directory definition files (DDFs), referencing      86
Dual message network      42
Dynamic authenticator, computation      77
Dynamic authenticator, MAC-based      75 76
Dynamic authenticator, verification      78 79
Dynamic card authentication      368
Dynamic data authentication (DDA)      94
Dynamic data authentication (DDA), conditions for performing      161
Dynamic data authentication (DDA), digital signature-based      395—396
Dynamic data authentication (DDA), MAC-based      394—395
Dynamic data authentication (DDA), mechanisms      394—397
Dynamic data authentication (DDA), off-line      148 161 165—174
Dynamic data authentication (DDA), one-time passwords      396—397
Dynamic data authentication (DDA), overview      166—168
Dynamic data authentication (DDA), processing error      276
Dynamic data authentication (DDA), successful processing      174
Dynamic Data Object List (DDOL)      263
E-commerce applications, candidate list      344
E-commerce applications, processing initiation      345—346
E-commerce applications, selection      344—345. See also Chip e-commerce
E-commerce related technologies      419—427
eavesdropping      25—27 296
Eavesdropping of PIN      26
Eavesdropping, cardholder identification capture      26
Eavesdropping, defined      25
Eavesdropping, scenarios      25—26
Eavesdropping, waiter attack      25. See also Threats
Electrically erasable programmable memory (EEPROM)      57 58 59
Electrically erasable programmable memory (EEPROM), ICCs      261—262
Electrically erasable programmable memory (EEPROM), supplementary      269
Electronic codebook mode (ECB)      401
Elementary files (EFs)      60 63—65
Elementary files (EFs), application (AEFs)      83
Elementary files (EFs), internal      63
Elementary files (EFs), referencing methods      63—64
Elementary files (EFs), structures      64
Elementary files (EFs), working      63. See also Files
Embossed data      18—20
Embossed data, counterfeiting      32
Embossed data, financial items      18
Embossed data, manual capturing      19—20
Embossed data, PAN      18 19
EMV 2000–Integrated Circuit Card Specification for Payment Systems      92—95
EMV 2000–Integrated Circuit Card Specification for Payment Systems, Book 1      92—94
EMV 2000–Integrated Circuit Card Specification for Payment Systems, Book 2      94—95
EMV 2000–Integrated Circuit Card Specification for Payment Systems, Book 3      95
EMV 2000–Integrated Circuit Card Specification for Payment Systems, Book 4      95
EMV 2000–Integrated Circuit Card Specification for Payment Systems, defined      92
EMV 96–Integrated Circuit Card Specification for Payment Systems      92 93
EMV $\texttrademark$ application selection      115—122
EMV $\texttrademark$ application selection, candidate list      115—116
EMV $\texttrademark$ application selection, candidate list, building directly      119—121
EMV $\texttrademark$ application selection, candidate list, building from PSE      118—119
EMV $\texttrademark$ application selection, final      121—122
EMV $\texttrademark$ application selection, list of supported applications and      117
EMV $\texttrademark$ application selection, matching criteria application and      117
EMV $\texttrademark$ application selection, mechanism      94
EMV $\texttrademark$ cards as token      340
EMV $\texttrademark$ cards in cardholder access device      340—341
EMV $\texttrademark$ cards in cardholder access device configuration      292
EMV $\texttrademark$ cards, file organization      86
EMV $\texttrademark$ cards, multiple applications      227
EMV $\texttrademark$ cards, partial name selection support      103—106
EMV $\texttrademark$ cards, transaction processing, for e-commerce      293
EMV $\texttrademark$ certificates      4 125—145
EMV $\texttrademark$ certificates, certification mechanism/algorithm      125—126

EMV $\texttrademark$ certificates, chains      129—132
EMV $\texttrademark$ certificates, public key      125—140
EMV $\texttrademark$ certificates, signed static application data      125 140—145
EMV $\texttrademark$ certificates, types of      125
EMV $\texttrademark$ data elements      96—99
EMV $\texttrademark$ data elements, classes      98
EMV $\texttrademark$ data elements, defined      96
EMV $\texttrademark$ data elements, grouping in record templates      99
EMV $\texttrademark$ data elements, length field      97—98
EMV $\texttrademark$ data elements, specification      98—99
EMV $\texttrademark$ data elements, tag field      97
EMV $\texttrademark$ debit/credit      147—225
EMV $\texttrademark$ debit/credit, AEF(s)      148
EMV $\texttrademark$ debit/credit, AFL      154—156
EMV $\texttrademark$ debit/credit, AFL processing      156—158
EMV $\texttrademark$ debit/credit, AIP      154—156
EMV $\texttrademark$ debit/credit, ATC      154
EMV $\texttrademark$ debit/credit, authorization response      151
EMV $\texttrademark$ debit/credit, card layout      247
EMV $\texttrademark$ debit/credit, cardholder verification      178—195
EMV $\texttrademark$ debit/credit, ICC interchange      149
EMV $\texttrademark$ debit/credit, initiate application processing      152—156
EMV $\texttrademark$ debit/credit, issuer authentication      221—222
EMV $\texttrademark$ debit/credit, issuer scripts      222—225
EMV $\texttrademark$ debit/credit, off-line data authentication      160—174
EMV $\texttrademark$ debit/credit, on-line dynamic CAM for      263
EMV $\texttrademark$ debit/credit, on-line processing      217—221
EMV $\texttrademark$ debit/credit, overview      147—148
EMV $\texttrademark$ debit/credit, payment network processing      151
EMV $\texttrademark$ debit/credit, PDOL      153—154
EMV $\texttrademark$ debit/credit, processing restrictions      174—178
EMV $\texttrademark$ debit/credit, read application data      156—160
EMV $\texttrademark$ debit/credit, terminal action analysis      201—217
EMV $\texttrademark$ debit/credit, terminal risk management      195—201
EMV $\texttrademark$ debit/credit, transaction overview      148—151
EMV $\texttrademark$ debit/credit, TSI      152—153
EMV $\texttrademark$ debit/credit, TVR      152
EMV $\texttrademark$ file system      84—85 99—115
EMV $\texttrademark$ file system, ADFs      99—106
EMV $\texttrademark$ file system, AEFs      106—108
EMV $\texttrademark$ file system, DDFs      108—112
EMV $\texttrademark$ file system, payment system environment      112—115
EMV $\texttrademark$ protocol stack mapping to      93
EMV $\texttrademark$ regulatory framework      228—236
EMV $\texttrademark$ regulatory framework, business objectives      229—231
EMV $\texttrademark$ regulatory framework, functional requirements      231—233
EMV $\texttrademark$ regulatory framework, minimal card requirements      231
EMV $\texttrademark$ regulatory framework, minimal terminal requirements      231—232
EMV $\texttrademark$ regulatory framework, security politics      233—236
EMV $\texttrademark$ specifications      82
EMV $\texttrademark$ specifications, data organization      92—95
EMV $\texttrademark$ specifications, ICC, deriving by issuers      236—239
EMV $\texttrademark$ specifications, organization      92—95
EMV $\texttrademark$ specifications, transaction processing for chip e-commerce      291 340
EMV $\texttrademark$ transactions      89
EMV $\texttrademark$ transactions, completion      355—356
EMV $\texttrademark$ transactions, finalization      147
EMV $\texttrademark$ transactions, flow      152
EMV $\texttrademark$ transactions, network support      228
EMV $\texttrademark$ transactions, profile      342—344
EMV $\texttrademark$ transactions, status      220
EMV $\texttrademark$ , application context in cardholder system      342—346
EMV $\texttrademark$ , card application      87
EMV $\texttrademark$ , Cardholder Verification Methods      179—181
EMV $\texttrademark$ , certifiers      125 127—129
EMV $\texttrademark$ , Chip Electronic Commerce framework      5
EMV $\texttrademark$ , chip migration issues      3—4 227—286
EMV $\texttrademark$ , choice of      4
EMV $\texttrademark$ , data objects heap      158
EMV $\texttrademark$ , data organization      4 91—122
EMV $\texttrademark$ , defined      82
EMV $\texttrademark$ , defined data objects      248—249
EMV $\texttrademark$ , entities      127—129
EMV $\texttrademark$ , functionality      247
EMV $\texttrademark$ , mapping of data objects      84
EMV $\texttrademark$ , message manager component      340
EMV $\texttrademark$ , payment method      4 147
EMV $\texttrademark$ , payment system implementation      232
EMV $\texttrademark$ , protocol stack      93
EMV $\texttrademark$ , remove debit/credit with      5—6
EMV $\texttrademark$ , terminal application      87
EMV $\texttrademark$ , terminals      149—150 159
Enciphered PIN verification, asymmetric      390—391
Enciphered PIN verification, on-line      267—268 387—388
Enciphered PIN verification, symmetric      389
Encoding elements with fixed format      71—72
Encoding of directory entries      108—109
Encoding with fixed format      71—72
Encoding, BER-TLV      82—84
Encoding, self-determined      82—84
Encryption      373—376
Encryption asymmetric      375—376
Encryption with PKCS#1      414—416
encryption, defined      373
encryption, symmetric      374—375
Encryption, unified model      374. See also Security mechanisms
Entity authentication (ES) services      302—303
Entity authentication (ES) services, defined      367
Entity authentication (ES) services, dynamic card authentication      368
Entity authentication (ES) services, static card authentication      368. See also Security services
Entity Public Key, remainder      129
Entity Public Key, splitting      130. See also Public key certificates
Europay, MasterCard, and Visa      See EMV $\texttrademark$
EXTERNAL AUTHENTICATE command for issuer authentication      221—222
EXTERNAL AUTHENTICATE command, C-APDU      221
File System      60—64
File system, customized, organization      84—86
File system, dedicated files      60—63
File system, elementary files      63—64
File system, EMV $\texttrademark$ card      84—85
File system, fixed, organization      73
File system, mapping data objects into      72
File system, master file      60
File system, proprietary payment application      73. See also ICCs
Files, application definition (ADFs)      84—86 99—106
Files, application elementary (AEFs)      106—108
Files, dedicated (DFs)      60 61 62—63
Files, directory definition (DDFs)      84—86 108—112
Files, elementary (EFs)      60 63—64
Files, master (MF)      60
Financial data, embossed      18—20
Financial data, modification, voiding      30
Financial data, modifying      30—31
Financial data, track 3      23
Financial service availability      253—254
Fraudulent transactions      29 235—236
Fraudulent transactions, acquirer in      235
Fraudulent transactions, issuer in      235—236
Fraudulent transactions, liability distribution in      235—236
General Packet Radio Service (GPRS)      419
GENERATE AC command      205 266
GENERATE AC command with reference control parameter      218
GENERATE AC command, ACC return      216
GENERATE AC command, ARQC return      215—216
GENERATE AC command, C-APDU      209
GENERATE AC command, ending with error code      265
GENERATE AC command, TC return      216
GET DATA command      200
GET PROCESSING OPTIONS command      153 257 345
Hash code      377
hash functions      377—379
Hash functions, defined      377
Hash functions, proposed      378
Hash functions, requirements      377—378
ICC architecture, hardware resources      239—240
ICC architecture, selection criteria      239—242
ICC architecture, software platform      241—242
ICC emulator      265
ICC hardware resources      239—240
ICC hardware resources, choice      239

1 2 3 4 5

О проекте