The following documentation is based on nexoFAST Specification Update Bulletin No. 33 Handling of Issuer Requests for SCA.

For contactless transactions, nexo FAST supports configurable processing of issuer requests for Strong Customer Authentication (SCA).

During an online authorisation, there exists two types of issuer requests for SCA which may be received in the online response :

• Re-Authorise with Online PIN

• Switch Interface or Restart Contactless with CVM Required

Both types have been implemented as specified in Bulletin 33 and can be configured based on a user’s requirements.

The Tag DF6B has been added as per the specification to satisfy the various conditions during a transaction.

Name	Tag	Length (bytes)

Name	Tag	Length (bytes)
Configuration for Issuer SCA Request Processing (CISR)	DF6B	4

It is to be noted that this tag has to be added in each of your E6 template if you plan on using SCA as it is configured per application profile.

The table below shows the configurations that you could choose to get the wanted behaviour.

How to configure this tag ?

Since Atheos does not support this new tag yet, it has to be added programmatically with the provided code.

byte[] hardcodedValueForVisa = {(byte) 0x30, (byte) 0xF0, (byte) 0x00, (byte) 0x00}; //SIRCC, check for card support of contact/CDCVM
byte[] hardcodedValue = {(byte) 0x30, (byte) 0x50, (byte) 0x00, (byte) 0x00};   //SI Only, don't check for card support of contact
byte[] hardcodedValue = {(byte) 0xb0, (byte) 0xD0, (byte) 0x00, (byte) 0x00};   ////SIRCC, don't check for card support of contact. ROP supported       
byte[] hardcodedValue = {(byte) 0xb0, (byte) 0xF0, (byte) 0x00, (byte) 0x00}; //SIRCC, check for card support of contact/CDCVM. ROP supported

The four lines above are examples of configs you could make programmatically. Below shows where to put them exactly. Copying the snippet below and just adjusting the byte[] hardcodedValue per your configurations is enough to support SCA.

    private TlvTree setSCAConfiguration(TlvTree config) {
      byte[] hardcodedValueForVisa = {(byte) 0x30, (byte) 0xF0, (byte) 0x00, (byte) 0x00}; //SIRCC, check for card support of contact/CDCVM
      byte[] hardcodedValueForMastercard = {(byte) 0xb0, (byte) 0xF0, (byte) 0x00, (byte) 0x00}; //SIRCC, check for card support of contact/CDCVM. ROP supported

        TlvTree nexoFastConfig = config.GetChild(Configuration.NEXO_FAST_CONFIGURATION);
        if (nexoFastConfig != null) {
            TlvTree[] applicationTemplates = nexoFastConfig.GetChildren(0xE6);
            for (TlvTree currentApplicationTemplate : applicationTemplates) {
                String scheme = currentApplicationTemplate.GetElementAscii(Payment.Context.SCHEME_IDENTIFIER);
                if (scheme != null) {
                    switch (scheme.toLowerCase()) {
                        case "visa":
                            Log.d("SCA-cfg", "scheme is visa, hardcoding 0xDF6B to visa value");
                            currentApplicationTemplate.SetBin(0xDF6B, hardcodedValueForVisa);
                            break;
                        case "mastercard":
                          Log.d("SCA-cfg", "scheme is visa, hardcoding 0xDF6B to mastercard value");
                          currentApplicationTemplate.SetBin(0xDF6B, hardcodedValueForMastercard);
                          break;
                        default:
                            Log.d("SCA-cfg", "scheme " + scheme + " is not visa, hardcoding 0xDF6B to normal value");
                            currentApplicationTemplate.SetBin(0xDF6B, hardcodedValue);
                            break;
                    }
                } else {
                    Log.d("SCA-cfg", "scheme is null, hardcoding 0xDF6B to normal value");
                    currentApplicationTemplate.SetBin(0xDF6B, hardcodedValue);
                }
            }
        } else {
            Log.d("SCA-cfg", "No NexoFAST Configuration");
        }

        return config;
    }

The function below modifies the Config taken from Atheos and adds the customized SCA behaviour.

  private void updateArkosConfigurationCustom(TlvTree cfgResult){
        setTerminalConfiguration(cfgResult);
        setSCAConfiguration(cfgResult);
        setCustomArkosBehavior(cfgResult);
        ArkosConfiguration.Update(cfgResult.AsBytes());
        ArkosConfiguration.AddHostSecurityInfo("SpecV1TestKey", "2010060715", true);



        TlvTree nexoFastConfig = cfgResult.GetChild(Configuration.NEXO_FAST_CONFIGURATION);
        if (nexoFastConfig != null) {{
            CurrencyFormat.update(
                    ArkosHelperConfiguration.getCurrencyCode(),
                    ArkosHelperConfiguration.getCountryCodeNumeric());
        }}

        ArkosMerchantExtension.getInstance().updateExceptionFileFromConfiguration(cfgResult);
    }

Amadis Developer's Guide

Amadis

SCA (Strong Cardholder Authentication)

How to configure this tag ?