payment - Payment Application - EMV
问题描述
I'm developing a payment application for Android. I've read all four EMV books (version 4.3) which I used to implement the protocol for the communication with a terminal. I also bought the terminal simulator kit from Mastercard for testing my application.
With this simulator I'm able to read data from my real, physical debit card to get informations like the issuer public key certificate, etc. I put these informations into my application to "simulate" a card. But there is some data I don't receive through the terminal simulator like the Issuer Master Key for generating the Application Cryptogram.
So my question is if there is any possibility to get the missing data? Maybe it's online available? Or do I have to cooperate with an issuer bank? Sorry for this general question but I really appreciate every tip you have for me! Thank you!
解决方案
发行者主密钥生成并保存在发行者的主机 HSM 中。每张已发行的卡都装有来自发行者主密钥的派生密钥。因此,每张卡都有自己的派生密钥。由于密钥用于应用密码计算并且必须信任 AC,因此永远无法读取密钥(如果可以,则 EMV 的安全性被破坏)。因此,发行人不会与任何人共享发行人主密钥,而只会保存在 HSM 中!
推荐阅读
- sql - “+”的 PL/SQL 代码中的错误
- postgresql - postgres 容器抛出“转发主机查找失败:未知主机”
- python - 计算 3D 点云的 EMD 非常慢
- ruby-on-rails - 从 rails 渲染过程为 Vue 模型设置值
- sql - Change number automatically with function
- java - JaCoCo(离线仪器)在
乐器 分析整个 pom.xml。但我只需要测试部分 - android - Layouts sometimes overlap in android fragment
- mysql - Determine customers that have spent money at the company for the first time, each month (mySQL)
- java - 查找数组 java 的最佳系数变量
- ionic-framework - 离子中的货币掩码