I am having a problem with the EXTERNAL AUTHENTICATE process on my EMV card. When I authenticate the card to the host, the host responds with a failure: Card Cryptogram Verification Error.
The Card Cryptogram is obtained from the previous command sent to the card: INITIALIZE UPDATE.

INITIALIZE UPDATE response:
Key Diversification Data (10 bytes)
Key Information (2 bytes)
Sequence Counter (2 bytes)
Card Challenge (6 bytes)
Card Cryptogram (8 bytes)

After discussing with the host team, there might be a step in the Card Cryptogram calculation that does not match.

So we are looking for an algorithm or formula to calculate the Card Cryptogram manually.

Is there an algorithm or formula for manually calculating the Card Cryptogram, instead of taking it from the INITIALIZE UPDATE response data?

My reference: How can I check INITIALIZE UPDATE and EXTERNAL AUTHENTICATE correctness?

Metris Sovian

There are generic specifications for application cryptograms in the EMV security and key management book, but I think the card schemes may have their own variation of the algorithm, so it's better you check the documentation with the card schemes. – Pras Dec 18 '19 at 10:03

The answer is yes, if you have the Card Master Key. Have you checked the GlobalPlatform specification as to how you can derive the session key from the Card Master Key, and then the algorithm to generate the cryptogram? The data will be the challenge, I suppose. It is possible that each Secure Channel Protocol follows a different way. Have a detailed look at the GP spec. – Adarsh Nanu Dec 19 '19 at 09:30
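The derivation the second comment refers to, written out as an added Go example (this is not code from the question, the answer or GlobalPlatform). It parses the 28-byte INITIALIZE UPDATE response into the five fields listed in the question, derives the SCP02 S-ENC session key from a static key using the GP derivation constant and the sequence counter, and recomputes the card cryptogram as a full 3DES MAC over host challenge || sequence counter || card challenge; the host cryptogram that goes into EXTERNAL AUTHENTICATE is the same MAC over the fields in the other order. The static key (the well-known 404142...4F GlobalPlatform test value), the host challenge and the response fields are constructed for the example. On a real card the static key is itself diversified from the Key Diversification Data, so without that key and its diversification scheme the cryptogram cannot be reproduced, which is exactly the point the comments make. The field layout and the algorithm are those of SCP02.

```go
package main

import (
	"bytes"
	"crypto/cipher"
	"crypto/des"
	"crypto/subtle"
	"encoding/binary"
	"encoding/hex"
	"fmt"
)

// InitUpdateResponse holds the five fields of a 28-byte SCP02 INITIALIZE UPDATE response
// (status word already stripped), in the order given in the question.
type InitUpdateResponse struct {
	KeyDiversificationData [10]byte
	KeyInformation         [2]byte // key version number, SCP identifier (0x02 for SCP02)
	SequenceCounter        [2]byte
	CardChallenge          [6]byte
	CardCryptogram         [8]byte
}

// ParseInitUpdateResponse splits the response data into its fields and rejects wrong lengths.
func ParseInitUpdateResponse(data []byte) (InitUpdateResponse, error) {
	var r InitUpdateResponse
	if len(data) != 28 {
		return r, fmt.Errorf("SCP02 INITIALIZE UPDATE response must be 28 bytes, got %d", len(data))
	}
	copy(r.KeyDiversificationData[:], data[0:10])
	copy(r.KeyInformation[:], data[10:12])
	copy(r.SequenceCounter[:], data[12:14])
	copy(r.CardChallenge[:], data[14:20])
	copy(r.CardCryptogram[:], data[20:28])
	return r, nil
}

// SCP02 session-key derivation constants (GlobalPlatform Card Specification, Appendix E).
const (
	DerivSEnc uint16 = 0x0182 // S-ENC: used for the card and host cryptograms
	DerivCMAC uint16 = 0x0101 // C-MAC: used for command MACs
	DerivDEK  uint16 = 0x0181 // DEK: used to encrypt sensitive data such as new keys
)

// tripleDES builds a two-key 3DES cipher (K1 || K2 || K1) from a 16-byte GP key.
func tripleDES(key16 []byte) (cipher.Block, error) {
	if len(key16) != 16 {
		return nil, fmt.Errorf("GP 3DES keys are 16 bytes, got %d", len(key16))
	}
	return des.NewTripleDESCipher(append(append([]byte{}, key16...), key16[:8]...))
}

// DeriveSessionKey implements the SCP02 derivation: 3DES-CBC with a zero IV over
// constant || sequence counter || 12 zero bytes, under the static key.
func DeriveSessionKey(staticKey []byte, constant uint16, seq [2]byte) ([]byte, error) {
	blk, err := tripleDES(staticKey)
	if err != nil {
		return nil, err
	}
	data := make([]byte, 16)
	binary.BigEndian.PutUint16(data[0:2], constant)
	copy(data[2:4], seq[:])
	out := make([]byte, 16)
	cipher.NewCBCEncrypter(blk, make([]byte, 8)).CryptBlocks(out, data)
	return out, nil
}

// fullTripleDESMAC is ISO 9797-1 MAC algorithm 1 with 3DES, zero IV and padding method 2
// (a single 0x80 byte then zeros to an 8-byte boundary); the MAC is the last CBC block.
func fullTripleDESMAC(sessionKey, msg []byte) ([]byte, error) {
	blk, err := tripleDES(sessionKey)
	if err != nil {
		return nil, err
	}
	padded := append(append([]byte{}, msg...), 0x80)
	for len(padded)%8 != 0 {
		padded = append(padded, 0x00)
	}
	out := make([]byte, len(padded))
	cipher.NewCBCEncrypter(blk, make([]byte, 8)).CryptBlocks(out, padded)
	return out[len(out)-8:], nil
}

// CardCryptogram is the S-ENC MAC over host challenge || sequence counter || card challenge.
func CardCryptogram(sEnc []byte, host [8]byte, r InitUpdateResponse) ([]byte, error) {
	return fullTripleDESMAC(sEnc, bytes.Join([][]byte{host[:], r.SequenceCounter[:], r.CardChallenge[:]}, nil))
}

// HostCryptogram is the S-ENC MAC over sequence counter || card challenge || host challenge.
func HostCryptogram(sEnc []byte, host [8]byte, r InitUpdateResponse) ([]byte, error) {
	return fullTripleDESMAC(sEnc, bytes.Join([][]byte{r.SequenceCounter[:], r.CardChallenge[:], host[:]}, nil))
}

// VerifyCardCryptogram does what the host does: derive S-ENC for this sequence counter,
// recompute the card cryptogram and compare it in constant time.
func VerifyCardCryptogram(staticSEnc []byte, host [8]byte, r InitUpdateResponse) (bool, error) {
	sEnc, err := DeriveSessionKey(staticSEnc, DerivSEnc, r.SequenceCounter)
	if err != nil {
		return false, err
	}
	expected, err := CardCryptogram(sEnc, host, r)
	if err != nil {
		return false, err
	}
	return subtle.ConstantTimeCompare(expected, r.CardCryptogram[:]) == 1, nil
}

// Constructed test values, not taken from the question: the GP default test key and a fixed host challenge.
var (
	TestStaticSEnc, _ = hex.DecodeString("404142434445464748494A4B4C4D4E4F")
	TestHostChallenge = [8]byte{0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08}
)

func main() {
	// Constructed response; the cryptogram is filled in by our own computation so the run is self-consistent.
	resp := InitUpdateResponse{SequenceCounter: [2]byte{0x00, 0x01}, CardChallenge: [6]byte{0xA1, 0xA2, 0xA3, 0xA4, 0xA5, 0xA6}}
	sEnc, _ := DeriveSessionKey(TestStaticSEnc, DerivSEnc, resp.SequenceCounter)
	cc, _ := CardCryptogram(sEnc, TestHostChallenge, resp)
	copy(resp.CardCryptogram[:], cc)
	ok, _ := VerifyCardCryptogram(TestStaticSEnc, TestHostChallenge, resp)
	fmt.Printf("S-ENC session key: %X\ncard cryptogram: %X\nverifies: %v\n", sEnc, cc, ok)
}
```

To use it against a real trace, feed the 28 response bytes to ParseInitUpdateResponse, the 8 host-challenge bytes from the INITIALIZE UPDATE command, and the static S-ENC key the host holds for that key version; if VerifyCardCryptogram returns false, the mismatch is in the key (or its diversification), the sequence counter, or the protocol variant, which is the list the host team has to work through.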

1 Answer

I don't see the point. If the GP doesn't handle the INITIALIZE UPDATE command then it won't establish the security context. Computing the cryptogram is in that case no use at all. I don't think you have direct - or at least enough - access to the keys from the applet that acts as a security domain either, so retrieving the keys to perform the calculation should not be possible.

Really, the onus is on the host to fix the issue, not the card. Usually cards are implemented and tested against the specs, so there must be a missing option or the host may be using a different SCP which results in the cryptogram failing.

Maarten Bodewes