0

I have read the ISO7816, 3GPP, and EMV datasheets, but I haven't understood how to identify if the communication is GSM or EMV or anything else.

The problem is that commands are different between each protocol, but sometimes have the same INS (GSM FETCH: INS = 12 and basic ISO7816 PERFORM TRANSACTION OPERATION: INS = 12).

I need to know from previous commands like SELECT or READ BINARY whether the communication is established in GSM or EMV or something else.

Is it possible? Does the CLA have something to do with that?

ETSI 102 221 says FETCH: CLA = 80; INS = 12. ISO7816-7 says FETCH: INS = 10; P2 = 8A.

I'm really confused, and I don't really understand.

Thanks for the help.

Tim

MokaT

2 Answers

3

You can think of the first (high order) bit of the CLA byte as part of the INS byte. The reason is that this is the proprietary bit, which means that the rest of the APDU is only compatible with the format of ISO 7816, but not defined by it.

Obviously it is better to try and find other methods than fingerprinting the APDU communications, although I must admit I could not find much on protocol identification in the ETSI standard you pointed to. There are many different smart card protocols and ISO 7816-4 is only a (very badly designed) umbrella protocol.

If you are lucky you will have some more information in ISO 7816-15, but most of the time only ID cards adhere to that particular part.

Maarten Bodewes
  • Thanks for the explanation. If I've understood, if the b8 of CLA is 1 (like CLA = 80 / CLA = A0 / ...) it's proprietary, which means GSM or EMV; if not, it's 7816-4. But there is no good way to find out if it's GSM or EMV. I can watch P1 and P2; maybe that will help me to define if that was a GSM or EMV command. – MokaT Nov 07 '12 at 09:47
0

@owlstead - PKCS#15 (or 7816-15) does not REALLY help with deciphering incoming APDUs; in fact it does not describe APDUs but data object relations.

But from a practical perspective, you would most probably have two different applications (thus entry points) for EMV and GSM.

The basic commands are the same but their meaning varies (think of REST applications on top of HTTP...)

Martin Paljak
  • You cannot treat answers the same way as comments, Martin; this won't register as a response. And yes, I understand ISO 7816-15, but you can still extract information from it if it is being used. It would be pretty useful knowing that a card is ISO 7816-15 compatible when trying to "fingerprint" it. – Maarten Bodewes Feb 18 '13 at 22:08
  • That's the result of hastily using any "input box" on a website, without first looking if it is a comment or reply or something totally different.... – Martin Paljak Feb 20 '13 at 14:05
  • Ah, yeah, got that same issue myself once :) – Maarten Bodewes Feb 20 '13 at 16:01
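
The two answers above (the high bit of CLA marks a proprietary command; EMV and GSM are separate applications with their own entry points) combined into one trace annotator, as an added example that is not part of the original posts. The function names are hypothetical, the RID table is a small sample rather than a full registry, and logical channels are ignored, so one selected application is assumed at a time.

```python
# Added example: label sniffed command APDUs by CLA class and selected application.
# RID_FAMILY is a small hand-picked sample, not a complete RID registry.
RID_FAMILY = {
    bytes.fromhex("A000000087"): "3GPP (USIM/ISIM)",
    bytes.fromhex("A000000003"): "EMV (Visa)",
    bytes.fromhex("A000000004"): "EMV (Mastercard)",
}
EMV_DF_NAMES = (b"1PAY.SYS.DDF01", b"2PAY.SYS.DDF01")  # PSE / PPSE directory names


def cla_is_proprietary(cla):
    """b8 of CLA set: ISO 7816-4 format, but meaning defined elsewhere."""
    return bool(cla & 0x80)


def select_family(apdu):
    """Family named by a SELECT by DF name (INS A4, P1 04), else None."""
    if len(apdu) < 5 or apdu[1] != 0xA4 or apdu[2] != 0x04:
        return None
    name = apdu[5:5 + apdu[4]]
    if len(name) != apdu[4] or not name:
        return None  # truncated or empty DF name: do not guess
    if name in EMV_DF_NAMES:
        return "EMV (payment system environment)"
    return RID_FAMILY.get(name[:5], "unknown application")


def annotate(trace):
    """Return (CLA+INS hex, class kind, application context) per command."""
    context, rows = "no application selected", []
    for apdu in trace:
        if len(apdu) < 4:
            rows.append((apdu.hex().upper(), "malformed", context))
            continue
        context = select_family(apdu) or context
        kind = "proprietary" if cla_is_proprietary(apdu[0]) else "interindustry"
        rows.append((apdu[:2].hex().upper(), kind, context))
    return rows


# Constructed trace (not captured from a real card): the same INS 12 before
# and after a USIM selection, then an EMV selection and a proprietary command.
SAMPLE_TRACE = [
    bytes.fromhex("8012000010"),
    bytes.fromhex("00A4040407A0000000871002"),
    bytes.fromhex("8012000010"),
    bytes([0x00, 0xA4, 0x04, 0x00, 14]) + b"2PAY.SYS.DDF01" + b"\x00",
    bytes.fromhex("80A8000002830000"),
]
```

The `80 12` command carries the same bytes in rows one and three; only the preceding SELECT changes the context it is interpreted in.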