Versions Compared

Old Version 22

changes.mady.by.user Olivier Chauvineau

Saved on

compared with

New Version Current

changes.mady.by.user Olivier Chauvineau

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

The architecture model used by Agnos Framework lies on a 3-tiers structuration. For convenience, let's map each tier to an EMV semantic level:

  • Tiers1≅ EMV Level1: level covering all platform related services. It includes card coupling (CT and CL)

  • Tiers2≅ EMV Level2: level covering card processing services. It covers EMVCo L2 CT , EMVCo L2 CL, and payment networks' CL specifications

  • Tiers3≅ EMV Level3: level covering payment services. It covers all applications or libraries providing services to sales systems, or using services from TMS, or acquirer/processing systems

Tiers1 - EMV Level1

See GPI page.

Agnos Framework runs on top of a HAL, the GPI interface (see release notes or gpi.c for versioning). Depending on the platform’s constraints, a GPI may have different structures (single static lib, single dynamic lib, one or more dynamic lib, client/server architecture, etc…). However, it always provides the same API to higher abstraction levels (i.e. Level2 and Level3).

The most important aspect to take into account before adapting a GPI to a new platform is the hardware security architecture. Does the platform use a single or 2 processors (i.e. 1 applicative chip + 1 secured chip)? How PCI constraints will be supported?

...

It may require between 4 and 10 weeks to implement a new GPI and to qualify it. Refer to [1] for more details.

Then, performance constraints must also be considered early in the project when working on the Level1 part. Contactless projects brings new level of constraints that shall be anticipated.

Finally,acquirer/processor requirements are to be foreseen also. They are not part of the EMV specifications. The features covering that topic are beyond Agnos. Hence, these functions are included into the xGPI:

...

It may require between 4 and 10 weeks to implement and to test the features related to xGPI.

Tiers2 - EMV Level2

See AGNOS page
See AGNOSEP page

...

  • Compilation options aligned on projects requirements and RAM constraints (see Symbols, options, and constants)

  • Physical model to deploy (i.e what are the units of compilation)

  • Performance, and platform integration requirements (fallback to other interface(s), displays, UX, …) (see Qualification Knowledge Base)

Tiers3 - EMV Level3

See AGNOSMW page.

Level3 includes AgnosMW, optionally AgnosGE, and a sample code Kizis including transaction triggering, configuration management, EMV initiation/completion pattern and an EMVCo payment application used for EMVCo contact Level2 certification. The main steps to follow while integrating Agnos are:

What are the payment brands to support and the card interfaces to support?

  • To validate whether contact and contactless interfaces are required for each brand?

  • To validate whether or not different contact payment applications are required?

What are the ICS required for the project?

  • To validate that the specific TMS data model (backing Agnos) supports them

  • To validate that Agnos supports them

What are the merchant requirements?

  • Who enter/validate the amount? When?

  • Is there a TIP?

  • What are the UI requirements when a card is not removed? A card is mute? A chip card is swiped?

  • Does the Level3 support fallbacks? How?

  • Are there any performance constraints to be considered like card removal at opening gates?

  • How many languages are supported?

  • How does a merchant trig a transaction: from a cash register? from a device resident software component?

  • Is there any logical/physical separation to be implemented to support certification constraints?

  • Are there any offline acceptance cases when terminal is unable to go online? How does the terminal manage them in a secure way?

  • What is the receipt format? Which EMV parameters shall be used according regional rules?

What is the processor context for the project?

  • To validate the security scheme (DUKPT? Master/Session? Key Loading? …)

  • To validate the processor protocol (ISO8583? SPDH? EPAS/Nexo Acquirer? …)

  • To validate the transport layer (TCP/IP? TCP/IP/SSL?);

  • To validate the configuration protocol and related parameters (integrated in processor protocol or not? EPAS TMS?)

  • To understand how to configure Agnos from a specific TMS data model

Are there any regional specifications

  • EMV selection rules like in Canada or US

  • Quick Chip like in US

  • Amount validation at PIN entry

It may require between 6 and 10 months to implement and to test the features related to Level3. Refer to [3] and [6] for more details.

EMV Implementations

See EMV Implementations page.

Special Notes

ATM

ATM implementation: see ATM page.

Transit Gates

Payment at the gates implementation: see Transit - Open Payment See Logical Model page.