Which Terminal Settings Am I Allowed to Change?
- Kas Thomas (Deactivated)
- IT-ADMIN G (Deactivated)
ID TECH incorporates an approved EMV Level 2 Kernel (referred to as the Kernel) into its various products. There are five principal configurations certified in the Kernel: 1C, 2C, 3, 4C, and 5C. Each has major and minor parameters. Customers can configure those parameters to suit their product needs. However, according to EMV rule, only minor parameters, and certain specific functions in the major parameters, are allowed to be changed for each configuration.
When the Kernel is incorporated into the firmware for a product, the firmware needs to limit the host so that only the allowable bits in the major parameters can be changed. A hash is used to verify that no major bits have changed in the config parameters. If you attempt to change any bits that aren't considered minor, the change will be disallowed and flagged as an error.
EMV Rules on Major and Minor Parameters
The Kernel is certified for five configurations. Each configuration has major parameters and minor parameters according to EMV rules. The parameters are set via TLVs. Each tag has its own default value for each configuration.
Seven tags govern the major parameters. Those major parameters cannot be changed according to EMV rules, with the exception of certain bits. The following are the tags for major parameters:
9F33 – 3 bytes
9F35 – 1 byte
9F40 – 5 bytes
DF11 – 1 byte
DF26 – 1 byte
DF27 – 1 byte
DFEE1E – 8 bytes
There are no restrictions in minor parameters and they can be changed according to EMV rules.
Restricted Bits in Major Parameters
Three tags contain parameters that can be configured. The other four tags cannot be changed. Within the configurable parameters, certain restrictions apply, as follows. (Note that bit numbering begins at one and goes through 8.)
Tag 9F33 - Terminal Capabilities
Byte 1: Bit 6 (IC with Contacts) NOT ALLOWED TO CHANGE
Byte 2: Bits 8,7,6,5,4 (CVM Capability) NOT ALLOWED TO CHANGE
Byte 3: Bits 8,7,4 (Security Capability, SDA/DDA/CDA) NOT ALLOWED TO CHANGE
Tag 9F40 - Additional Terminal Capabilities
Byte 1, Bits 8,7,6,5 (Transaction Type Goods, Cash, Services, Cashback) NOT ALLOWED TO CHANGE
Byte 4, Bits 2,1 (Code tables 10-9, these all need to be 0) NOT ALLOWED TO CHANGE
Byte 5, Bits 8,7,6,5,4,3,2,1 (Code tables 2-8, these all need to be 0, Bit 1 needs to be 1) NOT ALLOWED TO CHANGE.
Tag DFEE1E Terminal Configuration
Byte 2: Bits 8,7,3 (PSE, Cardholder Confirmation, Default DDOL) NOT ALLOWED TO CHANGE
Byte 3: Bits 8,7,6,5,4,3 (CAPK action, PIN functions) NOT ALLOWED TO CHANGE
Byte 4: Bits 8,7,6,5,4,3 (TRM Settings) NOT ALLOWED TO CHANGE
Byte 5: Bits 8,7,6,5,4,3,2 (TAC/IAC settings) NOT ALLOWED TO CHANGE
Byte 6: Bits 8,7,6,5,4,3,2 (Advise/Referral/Batch) NOT ALLOWED TO CHANGE
Changes to the other four major TLVs are not permitted.
Product Notes
The default configuration for Spectrum Pro is 4C, which only supports no CVM. 3C adds chip and PIN capabilities with the addition with a PIN pad (L100). Neither 3C nor 4C allow for chip-and-signature (chip-and-sig wouldn't make sense for Spectrum Pro, which is an unattended device).
Augusta supports 2C (which allows cardholder confirmation of Language Selection and application selection) and 5C (no customer confirmations). For Quick Chip, use 5C (2C will work as well. But some card will require the customer choose from multiple applications (i.g. credit or debit) or languages available on the card. So, 2C will work but it is not as quick).
Terminal 1C is for attended devices using chip and PIN (e.g. PISCES).
See the table below for additional information about ID TECH EMV L2 Kernel configurations.
Terminal Capabilities | 1C | 2C | 3C | 4C | 5C | Major/ Minor |
Card Data Input Capability | ||||||
Terminal Type | 22 | 21 | 25 | 25 | 21 |
|
Manual Key Entry | Yes | No | No | No | No | Minor |
Magnetic Stripe | Yes | Yes | Yes | Yes | Yes | Minor |
IC with Contacts | Yes | Yes | Yes | Yes | Yes | N/A |
CVM Capability | ||||||
Plaintext PIN | Yes | No | Yes | No | No | Major |
Online Enciphered PIN | Yes | No | Yes | No | No | Major |
Signature (Paper) | Yes | Yes | No | No | Yes | Major |
Offline Enciphered PIN | Yes | No | Yes | No | No | Major |
No CVM | Yes | Yes | Yes | Yes | Yes | Major |
Security Capability | ||||||
SDA and DDA | Yes | Yes | Yes | Yes | Yes | Major |
Card Capture | No | No | No | No | No | Minor |
CDA | Yes | Yes | Yes | Yes | Yes | Major |
Transaction Type Capability | ||||||
Tran Type – Cash | Yes | Yes | No | No | Yes | Major |
Tran Type – Goods | Yes | Yes | Yes | Yes | Yes | Major |
Tran Type – Services | Yes | Yes | Yes | Yes | Yes | Major |
Tran Type – Cash Back | Yes | Yes | No | No | Yes | Major |
Tran Type – Inquiry | No | No | No | No | No | Minor |
Tran Type – Transfer | No | No | No | No | No | Minor |
Tran Type – Payment | No | No | No | No | No | Minor |
Tran Type – Admin | No | No | No | No | No | Minor |
Tran Type – Cash Deposit | No | No | No | No | No | Minor |
Terminal Data Input Capability Minor | ||||||
Keypad | Yes | Yes | Yes | Yes | Yes |
|
Numeric Keys | Yes | Yes | Yes | Yes | Yes | Minor |
Alpha and Special Character Keys | Yes | Yes | Yes | Yes | Yes | Minor |
Command Keys | Yes | Yes | Yes | Yes | Yes | Minor |
Function Keys | Yes | Yes | Yes | Yes | Yes | Minor |
Terminal Data Output Capability | ||||||
Print, Attendant | Yes | Yes | No | No | Yes | Minor |
Print, Cardholder | No | No | Yes | Yes | No | Minor |
Display, Attendant | Yes | Yes | No | No | Yes | Minor |
Display, Cardholder | No | No | Yes | Yes | No | Minor |
Code Table 10 | No | No | No | No | No | If value of supported table changed: Minor
If removing all the supported tables or indicating one as supported when previously none were: Major |
Code Table 9 | No | No | No | No | No | |
Code Table 8 | No | No | No | No | No | |
Code Table 7 | No | No | No | No | No | |
Code Table 6 | No | No | No | No | No | |
Code Table 5 | No | No | No | No | No | |
Code Table 4 | No | No | No | No | No | |
Code Table 3 | No | No | No | No | No | |
Code Table 2 | No | No | No | No | No | |
Code Table 1 | Yes | Yes | Yes | Yes | Yes | |
Application Selection | ||||||
PSE | Yes | Yes | Yes | Yes | Yes | Major |
Cardholder Confirmation | Yes | Yes | Yes | No | No | Major |
Preferred Display Order | No | No | No | No | No | Major |
Partial AID Selection | Yes | Yes | Yes | Yes | Yes |
|
Multi Language | Yes | Yes | Yes | Yes | Yes | Minor |
EMV Language Selection Method | Yes | Yes | Yes | Yes | Yes | Minor |
Common Character Set | Yes | Yes | Yes | Yes | Yes |
|
Data Authentication | ||||||
Max CA Public Key | 248 | 248 | 248 | 248 | 248 |
|
Exponents | 3 and 2^16+1 | 3 and 2^16+1 | 3 and 2^16+1 | 3and 2^16+1 | 3 and 2^16+1 |
|
Revocation of Issuer PK Certificate | Yes | Yes | Yes | Yes | Yes | Major |
Certificate Revocation List Format | RID/CA PK Index Cert SN | RID/CA PK Index Cert SN | RID/CA PK Index Cert SN | RID/CA PK Index Cert SN | RID/CA PK Index Cert SN | Major |
Default DDOL | Yes | Yes | Yes | Yes | Yes | Major |
Manual Act. when CA PK loading fails | No | No | No | No | No | Major |
CA PK verified with Checksum | Yes | Yes | Yes | Yes | Yes | Major |
Cardholder Verification Method | ||||||
Bypass PIN Entry | Yes | No | No | No | No | Major |
Subsequent Bypass PIN Entry | Yes | No | No | No | No |
|
Get Data for PIN Try Counter | Yes | No | Yes | No | No | Major |
Fail CVM | Yes | Yes | Yes | Yes | Yes | Major |
Amount known before CVM process | Yes | Yes | Yes | Yes | Yes | Major |
Terminal Risk Management | ||||||
Floor Limit Checking | Yes | Yes | Yes | Yes | Yes | Major |
Random Transaction Selection | Yes | No | Yes | Yes | No | Major |
Velocity Checking | Yes | Yes | Yes | Yes | Yes | Major |
Transaction Log | Yes | No | Yes | Yes | No | Major |
Exception File | No | No | No | No | No | Major |
TRM irrespective of AIP setting | Yes | Yes | Yes | Yes | Yes | Minor |
Terminal Action Analysis | ||||||
Terminal Action Codes Supported | Yes | Yes | Yes | Yes | Yes | Major |
TAC can be changed | Yes | Yes | Yes | Yes | Yes |
|
TAC can be deleted of disabled | No | No | No | No | No |
|
Default Act. Codes prior to 1st Gen AC | No | No | No | No | No | Major |
Default Act. Codes after 1st Gen AC | No | No | No | No | No | Major |
TAC/IAC – Default Skipped | No | Yes | No | No | Yes |
|
TAC/IAC – Default normal processing | Yes | No | Yes | Yes | No |
|
CDA failure detected prior TA Analysis | Yes | Yes | Yes | Yes | Yes |
|
Mode 1 (CDA on ARQC and 2GenAC) | Yes | Yes | Yes | Yes | Yes |
|
Mode 2 (CDA on ARQC only) | No | No | No | No | No |
|
Mode 3 (No CDA on ARQC or 2GenAC) | No | No | No | No | No |
|
Mode 4 (CDA on 2GenAC only) | No | No | No | No | No |
|
|
|
|
|
|
|
|
Completion Processing | ||||||
Forced Online | Yes | N/A | No | No | N/A | Major |
Forced Acceptance | No | No | No | No | No | Major |
Advices | No | No | No | No | No | Major |
Issuer Referrals | Yes | Yes | No | No | Yes | Major |
Batch Data Capture | Yes | Yes | Yes | Yes | Yes | Major |
Online Data Capture | Yes | Yes | Yes | Yes | Yes | Major |
Default TDOL | Yes | Yes | Yes | Yes | Yes | Major |
Exception Handling | ||||||
POS Entry Mode | 80 | 80 | 80 | 80 | 80 | Minor |
Miscellaneous | ||||||
PIN Pad | Yes | No | Yes | No | No | Minor |
Amount and PIN on same keypad | Yes | No | No | No | No | Minor |
ICC/Magstripe Reader Combined | No | No | Yes | Yes | No | Minor |
If Combined, is Magstripe read first? | N/A | N/A | No | No | N/A | Minor |
Supports Account Type selection | Yes | Yes | Yes | Yes | Yes | Minor |
Support “on fly” script processing | No | No | No | No | No |
|
Issuer Script device limit > 128 bytes | No | No | No | No | No |
|
If limit > 128, value supported? | N/A | N/A | N/A | N/A | N/A |
|
Internal Date Management | Yes | Yes | Yes | Yes | Yes |
|
Related articles
There are no items with the selected labels at this time.