Reputation: 169
EMV card online PIN verification
Are there EMV cards, which do not support online PIN verification? Or all EMV cards support both online and offline PIN and terminal decides which to use?
Thanks in advance.
Upvotes: 1
Views: 4341
Answers (3)
Reputation: 402
Yes, it can.
Actually the idea of payment card is to ease the payment method itself, generating more transactions and revenue (more interchange fee). That is the reason why in some of the CVM configuration has "Signature" or even "NO CVM" at all.
It is up to the issuer to decide based on the risk management and the capability of their IT system. Capability means, for example, in some country that I know, the offline PIN cannot be changed after issuance at the first time due to the cost/risk of supporting offline PIN change, that is by implementing Issuer Script support on their ATM/Terminals.
Here are the list of supported CVM:
- Offline Plain text PIN
- Offline enciphered PIN
- Online Plain Text PIN
- Online enciphered PIN
- Signature
- No CVM
Upvotes: 0
Reputation: 8116
Pure EMV Cards (i.e. the ones conforming only to the EMV Specifications -- no VISA,MC...) do not need to support any cardholder verification at all.
Whether they do is specified in bit 'b5' of the first byte of AIP (Application Interchange Profile).
See the chapter 10.5 of the EMV Book 3.
The configuration of the card is up to the issuer.
Upvotes: 5
Reputation: 3659
Are there EMV cards, which do not support online PIN verification?
Actually As per EMV Standard all EMV card must support Online or offline pin verification. It is choice of issuer that which method to choose.
There are a Tag 8E (Card holder Verification method) which defined the same whether card support online or offline pin verification. for example if 8E - CVM List - 99 99 99 99 00 00 00 00 02 01 02 06 42 03 1E 00
CVR 1 - 0201 - Online Enciphered PIN If Unattended Cash & Stop
In Real scenario, Terminal read 8E tag during AFL read and check which method is using. If offline , pin is matched with reside in the card , if online , pin send to Issuer in encrypted form for authentication.
Hope it helps.
Upvotes: 2
Related Questions
- EMV INTERNAL AUTHENTICATE 6985 Respond
- Apple pay EMV transaction
- EMV Payment using nfc
- How to Read EMV based smart VISA card details
- EMV CAPK Selection
- EMV Static Data Authentication
- MIFARE card for payment with EMVco compliance
- Is Plaintext offline PIN verification on EMV card by Micro USB OTG reader?
- How can I read the purse balance with an EMV CARD?
- How to set online pin verification in EMV