Secure Cardholder Authentication Scenario 2

Pre-Requisites: SCA (Strong Cardholder Authentication) (This document explains SCA implementation and configurations).

As discussed Scenario 2 focuses mainly:

Switch Interface or Restart Contactless with CVM Required

The config must be changed since we are ignoring Re-Authorise with Online PIN.

     byte[] configSca = {(byte) 0x30, (byte) 0xF0, (byte) 0x00, (byte) 0x00}; 
     //SIRCC, check for card support of contact/CDCVM. ROP not supported

Once your config is set, ACTION_TYPE_PINRequest and ACTION_TYPE_IdentificationRequired are converted to ACTION_TYPE_CDCVerificationMethod in the ARKOS 1.8.3 version and AMANACQ 1.2.2 version to force for switch Interface or Restart Contactless with CVM Required.

Your transactions will be either fall-forwarded or restarted with Reader CVM Required Limit to zero and

Reader Contactless Floor Limit to zero.

In addition to the Bulletin 33 of NexoFAST, we support ACTION_TYPE_PinRetry. Upon receiving an invalid PIN, the action type is called and it either restarts with Reader CVM Required Limit to zero and

Reader Contactless Floor Limit to zero or fall-forward.

If the pin is invalid, you will get a message “Invalid pin, please insert card” or “Invalid pin, present card again” depending on the card. (Dual interface or contactless only)

If the pin try limit is exceeded, you will get a message “Declined Pin Limit Exceeded Please Contact Issuer".

The pin try limit has to be set in your acquirer/payment gateway as an ARC that will be converted to an action type.

In our case, we have ARC 75 for the pin try limit exceeded that will be converted to a new ACTION_TYPE(ACTION_TYPE_PINFailed) that we included outside the NexoFAST spec.

This new Action type has been added in AMANACQ 1.2.2 version.

case ActionType7Code_PINF:
  TRACE_WARN("Parsing non Nexo value PINF");
  elemSet_FromUInt8(action, ACTION_TYPE,ACTION_TYPE_PINFailed);

Example of an acceptor authorisation response with the PINF action type

<Document xmlns="urn:iso:std:iso:20022:tech:xsd:caaa.002.001.06">
<AccptrAuthstnRspn>
<Hdr>
<MsgFctn>AUTP</MsgFctn>
<PrtcolVrsn>6.0</PrtcolVrsn>
<XchgId>36</XchgId>
<CreDtTm>2023-12-12T17:28:01.419+00:00</CreDtTm>
<InitgPty>
<Id>MONEY2020VEGA$</Id>
</InitgPty>
<RcptPty>
<Id>Amadis</Id>
</RcptPty>
</Hdr>
<AuthstnRspn>
<Envt>
<POIId>
<Id>PreCert1</Id>
<ShrtNm>PreCer1</ShrtNm>
</POIId>
</Envt>
<Tx>
<TxId>
<TxDtTm>2023-12-12T12:27:57.000-05:00</TxDtTm>
<TxRef>00000011</TxRef>
</TxId>
<RcptTxId>000000000174</RcptTxId>
<TxDtls>
<Ccy>EUR</Ccy>
<TtlAmt>42.89</TtlAmt>
<ICCRltdData>igI3NZEIq80BAgMEBQY=</ICCRltdData>
</TxDtls>
</Tx>
<TxRspn>
<AuthstnRslt>
<AuthstnNtty>
<Id>Hamacq</Id>
<Tp>ACQR</Tp>
<Issr>ACQR</Issr>
<Ctry>CA</Ctry>
<ShrtNm>Hamacq Reference Host 01</ShrtNm>
</AuthstnNtty>
<RspnToAuthstn>
<Rspn>DECL</Rspn>
</RspnToAuthstn>
<AuthstnCd>000174</AuthstnCd>
</AuthstnRslt>
<Actn>
<ActnTp>PINF</ActnTp>
</Actn>
</TxRspn>
</AuthstnRspn>
<SctyTrlr>
<CnttTp>AUTH</CnttTp>
<AuthntcdData>
<Vrsn>0</Vrsn>
<Rcpt>
<KEK>
<Vrsn>0</Vrsn>
<KEKId>
<KeyId>SpecV1TestKey</KeyId>
<KeyVrsn>2010060715</KeyVrsn>
<SeqNb>1</SeqNb>
<DerivtnId>OYclpQE=</DerivtnId>
</KEKId>
<KeyNcrptnAlgo>
<Algo>DKP9</Algo>
</KeyNcrptnAlgo>
<NcrptdKey>4pAgABg=</NcrptdKey>
</KEK>
</Rcpt>
<MACAlgo>
<Algo>MCCS</Algo>
</MACAlgo>
<NcpsltdCntt>
<CnttTp>DATA</CnttTp>
</NcpsltdCntt>
<MAC>E6GUQ4l51gc=</MAC>
</AuthntcdData>
</SctyTrlr>
</AccptrAuthstnRspn>
</Document>

Examples of ARC to Action types conversion that we used:

Payment Scheme	ARC (Tag 8A)	Action Types	Notes

Payment Scheme

ARC (Tag 8A)

Action Types

Notes

MasterCard

65

ACTION_TYPE_PINRequest

This code will be treated as Switch
Interface or Restart Contactless
with CVM Required” (SIRCC)

Converted to: CDCV:
ACTION_TYPE_CDCVerificationMe
thod

55

ACTION_TYPE_PinRetry

75

ACTION_TYPE_PINFailed

Payment Scheme	ARC (Tag 8A)	Action Types	Notes

Payment Scheme	ARC (Tag 8A)	Action Types	Notes
Visa	1A	ACTION_TYPE_FallForward
	70	`ACTION_TYPE_PINRequest`	This code will be treated as Switch Interface or Restart Contactless with CVM Required” (SIRCC) Converted to: CDCV: ACTION_TYPE_CDCVerificationMe thod
	55	`ACTION_TYPE_PinRetry`
	75	`ACTION_TYPE_PINFailed`

Payment Scheme	ARC (Tag 8A)	Action Types	Notes

Payment Scheme	ARC (Tag 8A)	Action Types	Notes
Amex	12	ACTION_TYPE_FallForward
	13	`ACTION_TYPE_PINRequest`	This code will be treated as Switch Interface or Restart Contactless with CVM Required” (SIRCC) Converted to: CDCV: ACTION_TYPE_CDCVerificationMe thod
	55 / Action code 117	`ACTION_TYPE_PinRetry`
	75 / Action code 106	`ACTION_TYPE_PINFailed`

The is the drafted document used for sca implementation.