This content has been marked as final. Show 5 replies
The response to GET-DATA 00CF is the same as the first 10 bytes of the INIT-UPDATE response.
You should be able to use the Gemalto documentation of the Visa2 protocol. You can get the KEY DATA from either command.
init-update => 8050000008810050013D7F01BB00 <= 00001097001545955529 04020014C343BDBA9544852B384F1799D577 9000 get-data => 80CA00CF00 <= CF 0A 00001097001545955529 9000
Sorry - no.
The Gemalto document says to use data from the CPLC info, not from the diversification info. I believe that's incorrect so I'm looking for the SOURCE VISA2 document.
The version of this in GPShell uses the diversification info (CF and Init Data - and yes I do know they're the same thing), but I can't find the original specification on-line.
You may be able to find what comes from the CPLC and you should find it is the same as tag CF and the INIT-UPDATE response as well. Are you able to describe your use case a little more? Do you have cards from a vendor that come with diversified keys? Are you trying to add diversified keys to cards that use a specific algorithm?
To find the details you are after, you could try looking at the EMV CPS 1.1 document. Section 4.1 describes key derivation. It is much the same as the Gemalto document but the KEY DATA is a little different.
My question was "what is the reference document for the VISA2 key diversification function?".
I didn't ask about EMV key derivation because I already had that reference.
The CPLC data is NOT the same as the tag CF or INIT UPDATE diversification array. And in no GP document that I've found is it required to be. In fact the guidance is that CF is derived from tag 42 and tag 45 - card issuer and card id.
And FYI - I think the reference document for Visa2 key diversification is "VISA Card Production Guide" - probably 1.0, but I can't get a copy of that. Given other text I've found, I think the Gemalto "use the CPLC for diversification for VISA" is probably correct. But without a copy of the reference I can't confirm that.
You don't seem to be readin my response very well. I had questions that if you bothered to answer may give me more details to help. I also did not say CPLC == 00CF or INIT-UPDATE response.
As you may know, the VISA (and MasterCard) specs are often based on the EMV specs with implementation details defined more strictly. Given the only difference between EMV CPS and Gemalto documentation is what data they use (CSN + 2 bytes of selected applet AID or KEY DATA). You may be able to use either to work out how to diversify the keys you need.