5 Mastercard MCHIPA and EMV Settings
The following table describes the Mastercard Chip and PIN Application (MCHIPA)
Mastercard Chip and PIN Application, is a specification developed by MasterCard for the secure processing of transactions using EMV (Europay, Mastercard, and Visa) chip cards. It outlines the protocols and standards for card authentication, transaction processing, and data security in environments where chip-and-PIN is used. settings relevant to Thredd.
The M/Chip Advance application supports both Contact and Contactless interfaces.
The Tag values are as described in the EMV MCHIPA Chapter 26 “Data Dictionary”.
This table only includes the parameter/tag settings that are relevant to Thredd.
|
Tag & Name |
Byte / Bit (s) |
Description |
Thredd comment |
|---|---|---|---|
|
Accumulator 1 Control (Contact) ‘DF11’ [MCHIPA]
(Len = 1 byte) |
Byte 1 bits 2-1 |
Include in Issuer Application Data Values: b00 = Do not include b01 = Include Accumulator as Value b10 = Include as Balance b11 = RFU |
You can set this to ANY. However, Thredd recommend that, unless you have a specific reason why not, they SHOULD set the value to b01 (Include Accumulator as Value), in order for the “Plaintext/Encrypted Counters” field in tag ‘9F10’ to be similar to M/Chip 4.1, to keep consistency where possible. |
|
Accumulator 1 Control (Contactless) ‘DF12’ [MCHIPA]
(Len = 1 byte) |
Byte 1 bits 2-1 |
Same values as Accumulator 1 Control (Contact) tag ‘DF11’ |
Same comment as ‘DF11’ above. |
|
Accumulator 1 Currency Conversion Table ‘D1’ [MCHIPA]
(Len = 25 bytes) |
All |
Holds a table of currency conversion values in order to convert the transaction amount from the transaction currency to the currency of Accumulator 1. |
You can set this to ANY. An Issuer Script is required to update this. To update many cards with a new conversion rate table, please raise a Thredd request (this may be chargeable). Our suggestion is to choose sensible values that can remain on the card throughout the card’s lifetime. For example, by being conservative on the rate values. |
|
Accumulator 2 Control (Contact) ‘DF14’ [MCHIPA] (Len = 1 byte) |
Byte 1 bits 2-1 |
Same values as Accumulator 1 Control (Contact) tag ‘DF11’ |
You can set this to ANY. |
|
Accumulator 2 Control (Contactless) ‘DF15’ [MCHIPA] (Len = 1 byte) |
Byte 1 bits 2-1 |
Same values as Accumulator 1 Control (Contact) tag ‘DF11’ |
You can set this to ANY. |
|
Accumulator 2 Currency Conversion Table ‘DF17’ [MCHIPA]
(Len = 25 bytes) |
All |
Holds a table of currency conversion values in order to convert the transaction amount from the transaction currency to the currency of Accumulator 2. |
Same comment as (Accumulator 1 Currency Conversion Table ‘D1’) above. |
|
Application Control (Contact) ‘D5’ [MCHIPA]
(Len = 6 bytes) |
Byte 1 bit 8 |
Accept Online Transactions without ARPC |
Thredd recommend this SHOULD be set to b0 to ensure that only valid ARPC values are accepted (Although you can set to ANY). |
|
|
Byte 1 Bit 7 |
Skip CIAC-Default On CAT3 |
You can set this to ANY. However, care should be taken when setting this, as if set (value b1) it enables limitless offline transactions in some offline-only terminals |
|
|
Byte 1 bit 2 |
Session Key Derivation Algorithm: b0 = Mastercard Proprietary SKD b1 = EMV CSK |
This can be set to any value, and values can be mixed across cards in the same Thredd Card Product. |
|
|
Byte 1 bit 1 |
b1 = Encrypt Offline Counters |
Thredd recommend that this SHOULD be set to b0, since Thredd currently do not support decrypting the counters. However, Thredd currently ignore the counter values, so it is possible to set to b1. |
|
|
Byte 2 bit 1 |
b1 = Include Counters in AC |
This can be set to ANY.
|
|
|
Byte 3 bits 8-7 |
Compute Cryptographic Checksum command support.Indicates whether the card supports Magnetic Stripe Contactless. Values: b00 = RFU b01 = Compute Cryptographic Checksum Supported b10 = Compute Cryptographic Checksum Not Supported b11 = RFU |
Thredd currently do not support verifying the CVV3. This means that Thredd cannot detect fraudulent Mastercard Magnetic Stripe Contactless transactions. Therefore, Thredd recommend this SHOULD be set to b10 (Not supported.) Magnetic Stripe Contactless is being phased out. |
|
|
Byte 3 bit 3 |
b1 = Use M/Chip 4 CDOL 1 |
Thredd recommend this SHOULD be set to 0. This therefore permits the Transaction Time and Merchant Custom Data to be set to the card in 1st GENERATE AC, and thus sent to the Issuer. |
|
|
Byte 5 bits 4-2 |
Issuer Host Backwards Compatibility Values: b000 = No host backwards compatibility b001 = M/Chip v2.1 and M/Chip v2.2 host backwards compatibility b010 = M/Chip v2.0.5 host backwards compatibility b011 = M/Chip 4 v1.1 and M/Chip 4 v1.3 Host backwards compatibility b1xx = RFU |
Thredd recommend this SHOULD be set to b000. This enables the full M/Chip Advance data to be used and sent to Thredd (the Issuer). This MUST be set to either b000 or b011, otherwise AC validation and CVR decoding will fail, causing transaction declines. |
|
|
Byte 6 bit 2 |
b1 = Reset Script Counter With Online Response |
Thredd recommend this SHOULD be set to b1. This means the script counter in the CVR will behave as it did for M/Chip 4.1 (counting the number of script commands received since the last valid ARPC.) |
|
Application Control (contactless) ‘D7’ [MCHIPA]
(Len = 6 bytes) |
Byte 1 bit 8 |
Accept Online Transactions without ARPC |
Thredd recommend this SHOULD be set to b0 (Although you can set to ANY). |
|
|
All other bits and bytes |
All the bits have the same meaning as Application Control (contact) – see ‘D5’ above. |
Except for Byte 1 bit 8 (see directly above), the same Thredd comments apply for the contactless setting the same way they do for the contact setting (see Application Control (contact) tag ‘D5’ above.) |
|
Application Interchange Profile Tag ‘82’ [EMV]
(Len = 2 bytes) |
Byte 1 bit 1 |
b1 = CDA is supported |
You can set this to ANY. Thredd recommend it SHOULD be set to b1 if the card supports this, in order to avoid man-in-the-middle wedge attacks on chip transactions. |
|
Card Issuer Action Code (Contact) – Decline ‘C3’ [MCHIPA]
(Len = 3 bytes) |
Byte 1 bit 8 |
b1 = Last Online Transaction Not Completed |
Thredd recommend this SHOULD be set to b0. Otherwise (if b1), then if the Last Online Transaction was not completed, the card will decline all contact transactions offline, effectively blocking the card. |
|
|
Byte 1 bit 4 |
b1 = PIN Try Limit Exceeded |
Thredd recommend this SHOULD be set to b0. Otherwise (if b1), then if the offline PIN is blocked on the card, then the card will decline all contact transactions offline, effectively blocking the card. |
|
|
Byte 2 bit 8 |
b1 = Lower Consecutive Counter 1 Limit Exceeded |
Thredd recommend this SHOULD be set to b0. Otherwise (if b1), then once this limit is exceeded, then the card will decline all contact transactions offline, effectively blocking the card. |
|
|
Byte 2 bit 7 |
b1 = Upper Consecutive Counter 1 Limit Exceeded |
Thredd recommend this SHOULD be set to b0. Otherwise (if b1), then once this limit is exceeded, then the card will decline all contact transactions offline, effectively blocking the card. |
|
|
Byte 2 bit 6 |
b1 = Lower Cumulative Accumulator 1 Limit Exceeded |
Thredd recommend this SHOULD be set to b0. Otherwise (if b1), then once this limit is exceeded, then the card will decline all contact transactions offline, effectively blocking the card. |
|
|
Byte 2 bit 5 |
b1 = Upper Cumulative Accumulator 1 Limit Exceeded |
Thredd recommend this SHOULD be set to b0. Otherwise (if b1), then once this limit is exceeded, then the card will decline all contact transactions offline, effectively blocking the card. |
|
|
Byte 2 bit 4 |
b1 = Go Online On Next Transaction was set |
Thredd recommend this SHOULD be set to b0. Otherwise (if b1), then once this situation happens, then the card will decline all contact transactions offline, effectively blocking the card. |
|
|
Byte 2 bit 3 |
b1 = Issuer Authentication Failed |
Thredd recommend this SHOULD be set to b0. Otherwise (if b1), then once this situation happens, then the card will decline all contact transactions offline, effectively blocking the card. |
|
|
Byte 2 bit 2 |
b1 = Script Received |
Thredd recommend this SHOULD be set to b0. Otherwise (if b1), then once this situation happens, then the card will decline all contact transactions offline, effectively blocking the card. |
|
|
Byte 2 bit 1 |
b1 = Script Failed |
Thredd recommend this SHOULD be set to b0. Otherwise (if b1), then once this situation happens, then the card will decline all contact transactions offline, effectively blocking the card. |
|
|
Byte 3 bit 8 |
b1 = Lower Consecutive Counter 2 Limit Exceeded |
Thredd recommend this SHOULD be set to b0. Otherwise (if b1), then once this limit is exceeded, then the card will decline all contact transactions offline, effectively blocking the card. |
|
|
Byte 3 bit 7 |
b1 = Upper Consecutive Counter 2 Limit Exceeded |
Thredd recommend this SHOULD be set to b0. Otherwise (if b1), then once this limit is exceeded, then the card will decline all contact transactions offline, effectively blocking the card. |
|
|
Byte 3 bit 6 |
b1 = Lower Cumulative Accumulator 2 Limit Exceeded |
Thredd recommend this SHOULD be set to b0. Otherwise (if b1), then once this limit is exceeded, then the card will decline all contact transactions offline, effectively blocking the card. |
|
|
Byte 3 bit 5 |
b1 = Upper Cumulative Accumulator 2 Limit Exceeded |
Thredd recommend this SHOULD be set to b0. Otherwise (if b1), then once this limit is exceeded, then the card will decline all contact transactions offline, effectively blocking the card. |
|
|
Byte 3 bit 3 |
1 = Number of Days Offline Limit Exceeded |
Thredd recommend this SHOULD be set to b0. Otherwise (if b1), then once this situation happens, then the card will decline all contact transactions offline, effectively blocking the card. |
|
Card Issuer Action Code (Contactless) – Decline ‘CF’ [MCHIPA]
(Len = 3 bytes) |
All |
Indicates whether the card should decline an offline contactless transaction |
You can set this to ANY. If a contactless transaction is declined offline, the cardholder will generally try a contact transaction instead (if possible.) Therefore, where above for the Card Issuer Action Code (contact) – Decline (‘C3’) a bit is recommended to be b0, the same is not necessarily true for the contactless equivalent. |
|
Card Issuer Action Code (Contact) – Online ‘C5’
(Len = 3 bytes) |
All |
|
ANY. Care should be taken in setting this. |
|
Card Issuer Action Code (Contactless) – Online ‘CE’ [MCHIPA]
(Len = 3 bytes) |
All |
|
ANY. Care should be taken in setting this. |
|
Card Issuer Action Code (Contact) – Default ‘C4’
(Len = 3 bytes) |
All |
|
ANY. Care should be taken in setting this. |
|
Card Issuer Action Code (Contactless) – Default ‘CD’ [MCHIPA]
(Len = 3 bytes) |
All |
|
ANY. Care should be taken in setting this. |
|
Common Currency conversion Table ‘D2’ [MCHIPA] (v1.2.3)
(Len = 100 bytes) |
All |
A currency conversion table, which can be used for at least the following: Accumulator 1 Accumulator 2 Maximum Transaction Amount check (possibly others) |
Same comment as Accumulator 1 Currency Conversion Table ‘D1’
|
|
Counter 1 Control (Contact) ‘DF1A’ [MCHIPA]
(Len = 1 byte) |
Byte 1 bits 2-1 |
Include in Issuer Application Data Values: b00 = Do not include b01 = Include counter as value b10 = Include as balance b11 = RFU |
You can set this to ANY. However, Thredd recommend that, unless you have a specific reason why not, they SHOULD set the value to b01 (Include Counter as Value), in order for the “Plaintext/Encrypted Counters” field in tag ‘9F10’ to be similar to M/Chip 4.1, to keep consistency where possible. |
|
Counter 1 Control (contactless) ‘DF1B’ [MCHIPA]
(Len = 1 byte) |
Byte 1 bits 2-1 |
Same as Counter 1 Control (Contact) ‘DF1A’, but for contactless. |
Same comment as Counter 1 Control (Contact) ‘DF1A’ |
|
Cryptogram Version Number Part of ‘9F10’ [MCHIPA]
(Len = 1 byte) |
All |
Arrives in transactions only, not configured in profile. |
This is not configured, and you should not see it in the profile. Therefore, nothing to do. (The values for Cryptogram Version Number received in part of ‘9F10’ in a transaction are set from the relevant bits in the Application Control (Contact or Contactless as applicable for the transaction.)) |
|
CVM List Tag ‘8E’ [EMV]
(Len= 10-252 bytes) |
All |
List of Cardholder Verification Methods |
You can set this to ANY. However, if Issuer Action Code – Denial (Tag ‘9F0E’) byte 3 bit 8 (cardholder verification) is ‘1’, then it is very important that if Offline PIN CV fails, the CVM list will try online PIN. |
|
CVR Issuer Discretionary Data (Contact) Tag ‘DF3C’
(Len = 1 byte) |
Byte 1 |
Issuer discretionary data object of which the two least significant bits are copied in the Card Verification Results when the contact interface is active. |
SHOULD be set to hex ‘00’. This is because non-zero values can be used to indicate Biometric sensor-on-card tests as per M/Chip Advance Biometric specification. |
|
CVR Issuer Discretionary Data (Contactless) Tag ‘DF3D’
(Len = 1 byte) |
Byte 1 |
Issuer discretionary data object of which the two least significant bits are copied in the Card Verification Results when the contactless interface is active. |
SHOULD be set to hex ‘00’. This is because non-zero values can be used to indicate Biometric sensor-on-card tests as per M/Chip Advance Biometric specification. |
|
Issuer Action Code – Denial ‘9F0E’ [EMV]
(Len = 5 bytes) |
Bytes 1 to 5 |
Compared against the TVR by the terminal – any bits in common will result in transaction being declined offline. |
You can set this to ANY. But note that they should set this with care, since if a test would always be TRUE for all transactions, the card is effectively useless, and a new one may need to be issued. |
|
Issuer Action Code – Denial ‘9F0E’ [EMV] (the value used for the contact interface)
(Len = 5 bytes) |
Byte 3 bit 8, for the contact interface only |
Cardholder verification failed |
For the contact interface value: You can set this to ANY, but if set to ‘1’ (decline offline if cardholder verification failed), then they should ensure that this will not prevent the card coming online to receive a new offline PIN. If this set to ‘1’, then the CVM list (tag ‘8E’) must be setup to ensure there that a blocked offline PIN does not permanently prevent the card going online to retrieve a new offline PIN. (See CVM list Tag ‘8E’ above.) |
|
Issuer Action Code – Online ‘9F0F’ [EMV]
(Len = 5 bytes) |
Bytes 1 to 5 |
Compared against the TVR by the terminal – any bits in common will result in transaction being sent online. |
ANY. Care should be taken in setting this. |
|
Issuer Action Code – Default ‘9F0D’ [EMV]
(Len = 5 bytes) |
Bytes 1 to 5 |
Compared against the TVR by the terminal – any bits in common will result in transaction being declined offline if: online was requested but not possible. |
ANY. Care should be taken in setting this. |
|
Log Entry Tag ‘9F4D’ [EMV]
(Len = 2 bytes) |
Byte 2 |
Maximum number of records in the transaction log file |
You can set this to ANY. The transaction log can be useful:
|