Chip Standard Profiles

M/Chip CardPersonalization

Standard Profiles(Including PayPass)

February 2010

Notices

Proprietary Rights The information contained in this document is proprietary andconfidential to MasterCard International Incorporated, one or more ofits affiliated entities (collectively “MasterCard”), or both.

This material may not be duplicated, published, or disclosed, inwhole or in part, without the prior written permission of MasterCard.

Trademarks Trademark notices and symbols used in this document reflect theregistration status of MasterCard trademarks in the United States.Please consult with the Customer Operations Services team or theMasterCard Law Department for the registration status of particularproduct, program, or service names outside the United States.

All third-party product and service names are trademarks or registeredtrademarks of their respective owners.

Billing For printed documents, MasterCard will bill principal members.Please refer to the appropriate MasterCard Consolidated BillingSystem (MCBS) document for billing-related information.

Information AvailableOnline

MasterCard provides details about the standards used for thisdocument—including times expressed, language use, and contactinformation—on the Member Publications Support page availableon MasterCard OnLine®. Go to Member Publications Support forcentralized information.

Translation A translation of any MasterCard manual, bulletin, release, or otherMasterCard document into a language other than English is intendedsolely as a convenience to MasterCard customers. MasterCardprovides any translated document to its customers “AS IS” and makesno representations or warranties of any kind with respect to thetranslated document, including, but not limited to, its accuracy orreliability. In no event shall MasterCard be liable for any damagesresulting from a customer's reliance on any translated document. TheEnglish version of any MasterCard document will take precedenceover any translated version in any legal proceeding.

Publication Code PSP

©2010 MasterCardFebruary 2010 • M/Chip Card Personalization Standard Profiles (Including PayPass)

../MCBS/Menu_MCBS.html

../MCBS/Menu_MCBS.html

../Support/Menu_Support.html

Table of Contents

Chapter 1 Using this Document ..................................................................... 1-iPurpose.................................................................................................................................... 1-1

Related Information ........................................................................................................... 1-1

Audience.................................................................................................................................. 1-1

Benefits .................................................................................................................................... 1-2

Support .................................................................................................................................... 1-2

Overview of Standard Profiles ................................................................................................. 1-2

Chapter 2 Principles and Issuer Decisions...................................................... 2-iCard Application ...................................................................................................................... 2-1

Card Functions......................................................................................................................... 2-1Contact Payment................................................................................................................ 2-1Contactless Payment .......................................................................................................... 2-1MasterCard Authentication Solutions for Chip ................................................................... 2-1

File Structures .......................................................................................................................... 2-3

Issuer Host Grade Processing .................................................................................................. 2-3Chip Host Grade................................................................................................................ 2-3Mag Stripe Host Grade....................................................................................................... 2-3

Card Authentication ................................................................................................................. 2-4

Cardholder Verification ............................................................................................................ 2-4

Online Processing.................................................................................................................... 2-5Exclusively-Online Cards ................................................................................................... 2-5Online-Preferring Cards ..................................................................................................... 2-5

Debit MasterCard ..................................................................................................................... 2-5

Chapter 3 Selecting a Profile .......................................................................... 3-iAsia Pacific Region .................................................................................................................. 3-1

Canada Region......................................................................................................................... 3-2

Europe Region ......................................................................................................................... 3-3

Latin America and the Caribbean Region................................................................................. 3-4

South Asia/Middle East/Africa Region ..................................................................................... 3-5

Chapter 4 Issuer-Defined Data Elements....................................................... 4-iIssuer-Defined Data Elements.................................................................................................. 4-1

©2010 MasterCardM/Chip Card Personalization Standard Profiles (Including PayPass) • 19 February 2010 i

Table of Contents

Chapter 5 Standard Profiles for Maestro....................................................... 5-iProfile 01: Maestro with SDA—Full Chip Issuer ...................................................................... 5-1

Cardholder Verification ...................................................................................................... 5-1Application Usage Control ................................................................................................. 5-1Application Interchange Profile ......................................................................................... 5-1Issuer Risk Management .................................................................................................... 5-1PayPass.............................................................................................................................. 5-3MasterCard Authentication Solutions for Chip ................................................................... 5-3

Profile 02: Maestro with DDA—Full Chip Issuer ..................................................................... 5-6Cardholder Verification ...................................................................................................... 5-7Application Usage Control ................................................................................................. 5-7Application Interchange Profile ......................................................................................... 5-7Issuer Risk Management .................................................................................................... 5-7PayPass.............................................................................................................................. 5-9MasterCard Authentication Solutions for Chip ................................................................... 5-9Data Element List ............................................................................................................... 5-9

Profile 03: Maestro with CDA and DDA—Full Chip Issuer.................................................... 5-13Cardholder Verification .................................................................................................... 5-13Application Usage Control ............................................................................................... 5-13Application Interchange Profile ....................................................................................... 5-13Issuer Risk Management .................................................................................................. 5-13PayPass............................................................................................................................ 5-15MasterCard Authentication Solutions for Chip ................................................................. 5-15Data Element List ............................................................................................................. 5-15

Profile 04: Maestro with SDA—Mag Stripe Grade Issuer where issuer can interpretTVR/CVR................................................................................................................................ 5-19

Cardholder Verification .................................................................................................... 5-19Application Usage Control ............................................................................................... 5-19Application Interchange Profile ....................................................................................... 5-19Issuer Risk Management .................................................................................................. 5-19PayPass............................................................................................................................ 5-20MasterCard Authentication Solutions for Chip ................................................................. 5-20Data Element List ............................................................................................................. 5-20

Profile 05: Maestro with SDA—Mag Stripe Grade Issuer where issuer cannot interpretTVR/CVR................................................................................................................................ 5-24


©2010 MasterCardii 19 February 2010 • M/Chip Card Personalization Standard Profiles (Including PayPass)

Table of Contents

Chapter 6 Standard Profiles for MasterCard/Debit MasterCard .................. 6-iProfile 11: MasterCard/Debit MasterCard with SDA and offline PIN—Full Chip Issuer(1) ............................................................................................................................................ 6-1

Cardholder Verification ...................................................................................................... 6-1Application Usage Control ................................................................................................. 6-1Application Interchange Profile ......................................................................................... 6-2Issuer Risk Management .................................................................................................... 6-2PayPass.............................................................................................................................. 6-3MasterCard Authentication Solutions for Chip ................................................................... 6-3Data Element List ............................................................................................................... 6-3

Profile 12: MasterCard/Debit MasterCard with SDA and offline PIN—Full Chip Issuer(2) ............................................................................................................................................ 6-7

Cardholder Verification ...................................................................................................... 6-7Application Usage Control ................................................................................................. 6-8Application Interchange Profile ......................................................................................... 6-8Issuer Risk Management .................................................................................................... 6-8PayPass.............................................................................................................................. 6-9MasterCard Authentication Solutions for Chip ................................................................... 6-9Data Element List ............................................................................................................. 6-10

Profile 13: MasterCard/Debit MasterCard with SDA and offline PIN—Full Chip Issuer(3) .......................................................................................................................................... 6-13


Profile 14: MasterCard/Debit MasterCard with SDA and signature—Full Chip Issuer(1) .......................................................................................................................................... 6-19

Overview ......................................................................................................................... 6-19Cardholder Verification .................................................................................................... 6-20Application Usage Control ............................................................................................... 6-20Application Interchange Profile ....................................................................................... 6-20Issuer Risk Management .................................................................................................. 6-20PayPass............................................................................................................................ 6-22MasterCard Authentication Solutions for Chip ................................................................. 6-22Data Element List ............................................................................................................. 6-22

Profile 15: MasterCard/Debit MasterCard with SDA and signature—Full Chip Issuer(2) .......................................................................................................................................... 6-25

Cardholder Verification .................................................................................................... 6-26Application Usage Control ............................................................................................... 6-26Application Interchange Profile ....................................................................................... 6-26

©2010 MasterCardM/Chip Card Personalization Standard Profiles (Including PayPass) • 19 February 2010 iii

Table of Contents

Issuer Risk Management .................................................................................................. 6-27PayPass............................................................................................................................ 6-28MasterCard Authentication Solutions for Chip ................................................................. 6-28Data Element List ............................................................................................................. 6-28

Profile 16: MasterCard/Debit MasterCard with DDA and offline PIN—Full Chip Issuer(1) .......................................................................................................................................... 6-32






Profile 19: MasterCard/Debit MasterCard with DDA and signature—Full Chip Issuer(1) .......................................................................................................................................... 6-51


Profile 20: MasterCard/Debit MasterCard with DDA and signature—Full Chip Issuer(2) .......................................................................................................................................... 6-57

©2010 MasterCardiv 19 February 2010 • M/Chip Card Personalization Standard Profiles (Including PayPass)

Table of Contents


Profile 21: MasterCard/Debit MasterCard with CDA/DDA and offline PIN—Full ChipIssuer (1)................................................................................................................................ 6-63


Profile 22: MasterCard/Debit MasterCard with CDA/DDA and signature—Full Chip Issuer(2) .......................................................................................................................................... 6-69


Profile 23: MasterCard/Debit MasterCard with SDA and offline PIN—Mag Stripe GradeIssuer where issuer can interpret TVR/CVR........................................................................... 6-75


Profile 24: MasterCard/Debit MasterCard with SDA and offline PIN—Mag Stripe GradeIssuer where issuer cannot interpret TVR/CVR (1) ................................................................ 6-82

Cardholder Verification .................................................................................................... 6-82Application Usage Control ............................................................................................... 6-82Application Interchange Profile ....................................................................................... 6-83Issuer Risk Management .................................................................................................. 6-83PayPass............................................................................................................................ 6-84MasterCard Authentication Solutions for Chip ................................................................. 6-84

©2010 MasterCardM/Chip Card Personalization Standard Profiles (Including PayPass) • 19 February 2010 v

Table of Contents

Data Element List ............................................................................................................. 6-84





Profile 27: MasterCard/Debit MasterCard with SDA and offline PIN—Mag Stripe GradeIssuer where issuer cannot interpret TVR/CVR (4) ...............................................................6-100

Cardholder Verification ...................................................................................................6-100Application Usage Control ..............................................................................................6-101Application Interchange Profile ......................................................................................6-101Issuer Risk Management .................................................................................................6-101PayPass...........................................................................................................................6-102MasterCard Authentication Solutions for Chip ................................................................6-102Data Element List ............................................................................................................6-103

Profile 28: MasterCard/Debit MasterCard with SDA and signature—Mag Stripe GradeIssuer where issuer cannot interpret TVR/CVR (1) ...............................................................6-106


Profile 29: MasterCard/Debit MasterCard with SDA and signature—Mag Stripe GradeIssuer where issuer cannot interpret TVR/CVR (2) ...............................................................6-112

Cardholder Verification ...................................................................................................6-113Application Usage Control ..............................................................................................6-113Application Interchange Profile ......................................................................................6-113Issuer Risk Management .................................................................................................6-113

©2010 MasterCardvi 19 February 2010 • M/Chip Card Personalization Standard Profiles (Including PayPass)

Table of Contents

PayPass...........................................................................................................................6-114MasterCard Authentication Solutions for Chip ................................................................6-114Data Element List ............................................................................................................6-115

Profile 30: MasterCard/Debit MasterCard with SDA and signature—Mag Stripe GradeIssuer (3)...............................................................................................................................6-118


Profile 31: MasterCard/Debit MasterCard with SDA and signature—Mag Stripe GradeIssuer (4)...............................................................................................................................6-124


Profile 32: MasterCard/Debit MasterCard with SDA and signature—Full Chip Issuer(3) .........................................................................................................................................6-131


Chapter 7 Standard Profiles for MasterCard Electronic................................ 7-iProfile 51: MasterCard Electronic with no offline CAM and offline PIN—Full ChipIssuer ....................................................................................................................................... 7-1


Profile 52: MasterCard Electronic with no offline CAM and signature—Full ChipIssuer ....................................................................................................................................... 7-5

©2010 MasterCardM/Chip Card Personalization Standard Profiles (Including PayPass) • 19 February 2010 vii

Table of Contents


Profile 53: MasterCard Electronic with DDA and offline PIN—Full Chip Issuer...................... 7-9Cardholder Verification .................................................................................................... 7-10Application Usage Control ............................................................................................... 7-10Application Interchange Profile ....................................................................................... 7-10Issuer Risk Management .................................................................................................. 7-10PayPass............................................................................................................................ 7-11MasterCard Authentication Solutions for Chip ................................................................. 7-11Data Element List ............................................................................................................. 7-11

Chapter 8 Standard Profiles for PayPass ....................................................... 8-iProfiles Overview for PayPass ................................................................................................. 8-1

Profile 91: Maestro PayPass with CDA .................................................................................... 8-1Data Elements for Application Selection............................................................................ 8-1Data Elements Referenced in the AFL (PayPass) ............................................................... 8-2Get Processing Options Response ..................................................................................... 8-4Card Risk Management ...................................................................................................... 8-4Secret Keys ........................................................................................................................ 8-5Miscellaneous .................................................................................................................... 8-6

Profile 92: MasterCard/Debit MasterCard PayPass with SDA, signature preferred to onlinePIN........................................................................................................................................... 8-7

Data Elements for Application Selection............................................................................ 8-7Data Elements Referenced in the AFL (PayPass) ............................................................... 8-7Get Processing Options Response ................................................................................... 8-11Card Risk Management .................................................................................................... 8-11Secret Keys ...................................................................................................................... 8-12Miscellaneous .................................................................................................................. 8-13

Profile 93: MasterCard/Debit MasterCard PayPass with SDA, online PIN preferred tosignature ................................................................................................................................ 8-13

Data Elements for Application Selection.......................................................................... 8-14Data Elements Referenced in the AFL (PayPass) ............................................................. 8-14Get Processing Options Response ................................................................................... 8-18Card Risk Management .................................................................................................... 8-18Secret Keys ...................................................................................................................... 8-19Miscellaneous .................................................................................................................. 8-19

©2010 MasterCardviii 19 February 2010 • M/Chip Card Personalization Standard Profiles (Including PayPass)

Table of Contents

Profile 94: MasterCard/Debit MasterCard PayPass with CDA, signature preferred to onlinePIN......................................................................................................................................... 8-20


Profile 95: MasterCard/Debit MasterCard PayPass with CDA, online PIN preferred tosignature ............................................................................................................................... 8-27


Appendix A Supplementary Data Elements per Card Version.....................A-iCounter Limits and Previous Transaction.................................................................................A-1

Counters and Data Elements with a Fixed Initial Value...........................................................A-1

©2010 MasterCardM/Chip Card Personalization Standard Profiles (Including PayPass) • 19 February 2010 ix

Chapter 1 Using this DocumentThis chapter outlines the standardized sets of card personalization data that an issuer can use fortheir M/Chip 4 cards to meet most common business requirements for contact payments, PayPass,and chip authentication.

This chapter outlines the standardized sets of card personalization data that an issuer can usefor their M/Chip 4 cards to meet most common business requirements for contact payments, andchip authentication.

Purpose.......................................................................................................................................... 1-1

Related Information ................................................................................................................. 1-1

Audience........................................................................................................................................ 1-1

Benefits .......................................................................................................................................... 1-2

Support .......................................................................................................................................... 1-2

Overview of Standard Profiles ....................................................................................................... 1-2

©2010 MasterCardM/Chip Card Personalization Standard Profiles (Including PayPass) • 19 February 2010 1-i

Using this DocumentPurpose

PurposeThis document provides a set of standard card personalization profiles thatissuers can use to personalize M/Chip 4 cards.

The profiles cover requirements for:

• Contact interface

• Contactless interface (PayPass)

• MasterCard Authentication Solutions for Chip

The standard card personalization profiles presented in this document areoptional and designed to address common issuing requirements in each marketand region that is migrating to chip technology.

Issuers are recommended to contact their MasterCard regional office to checkon the standard profiles which are fine tuned to their specific country orregion’s market requirements. Profiles are not restricted to a specific region,although they are designed with the needs of a region in mind.

If a standard profile is not used, issuers must still respect the chip personalizationrequirements detailed in:

• MasterCard Authentication Solutions for Chip (MAS4C): PersonalizationProfiles For M/Chip 4 Using PLA Technology (AA4C) and CAP Technology(CAP)

• M/Chip Personalization Data Specifications and Profiles

• PayPass Personalization Data Specifications

Related Information

The following documents provide information related to the subjects discussedin this manual:

• M/Chip Processing Services—Service Description

• M/Chip Requirements

For definitions of key terms used in this document, please refer to theMasterCard Dictionary on the Member Publications home page (on MasterCardOnLine® and the MasterCard Electronic Library CD-ROM).

AudienceThis document is intended for use by issuers, personalization bureaus, andprocessors involved in the issuance and personalization of M/Chip 4 basedcards.

©2010 MasterCardM/Chip Card Personalization Standard Profiles (Including PayPass) • 19 February 2010 1-1

Using this Document

Benefits

BenefitsBy using these standard card personalization profiles, issuers gain the followingbenefits:

• Define parameters that are accurate for the specific market and productproposition

• Avoid or reduce the time (and implicit costs) needed to analyze MasterCarddocumentation to determine what personalization parameters to use

• Have off-the-shelf card personalization profiles with defined characteristicsthat are compliant with the recommendations and the mandates expressedin MasterCard personalization requirements

• A reduction in the time and administration necessary to complete CardPersonalization Validation (CPV)

Issuers are, of course, able to perform their own analysis to determine theirindividual card personalization parameters. However, in doing so, issuers mustbalance the time, effort and costs of this analysis against the benefits that maybe achieved by using the standard card personalization parameters providedin this document.

MasterCard recommends using a Standard Profile wherever one is available tomeet an issuer’s business requirements.

SupportFor support and assistance with implementing the standard card profiles pre-sented in this document, please contact [email protected].

Overview of Standard ProfilesStandard Profiles are available for the following brands:

• Maestro®

• MasterCard®/Debit MasterCard®

• MasterCard® Electronic™

Standard Profiles are available for the following regions:

• Asia Pacific

• Canada

• Europe

• Latin America, Caribbean

• South Asia, Middle East, Africa

The Standard Profiles are designed to meet the usual business requirements forthe market. When using a Standard Profile, all values defined by the profilemust be used without alteration. Any changes made mean that the settings arenot consistent with the standard profile and a full CPV certification is required.

©2010 MasterCard1-2 19 February 2010 • M/Chip Card Personalization Standard Profiles (Including PayPass)

mailto:[email protected]

Using this Document

Overview of Standard Profiles

The Standard Profiles are for use with the M/Chip 4 platform. Depending onthe standard card personalization profile used, the chip application will beM/Chip 4 Lite or M/Chip 4 Select.

These profiles are suitable for issuers subscribing to the M/Chip CryptogramPre-validation Service or to the Combined Service Option as defined in M/ChipProcessing Services—Service Description.

The Standard Profiles provide all the necessary personalization parametersexcept for those that are card specific (such as PAN) and a limited number thatare specific to the issuer and their situation, and must therefore be defined bythe issuer, such as country code, currency code, issuer keys and certificatesand offline limits.

All standard card personalization profiles use “semi-grade” or “mag stripe grade”card settings. The use of the semi-grade setting improves the card acceptance insome countries where the issuer Authentication Data is sometimes not deliveredto the card after an online authorization. A transaction can be approved offlineeven if no ARPC is received but the offline risk control counters are not reset,ensuring the card does not approve subsequent transactions without properissuer control.


Chapter 2 Principles and Issuer DecisionsThe following chapter defines card usage, types, and the requirements for using standard profiles.

Card Application ............................................................................................................................ 2-1

Card Functions............................................................................................................................... 2-1

Contact Payment...................................................................................................................... 2-1

Contactless Payment ................................................................................................................ 2-1

MasterCard Authentication Solutions for Chip ......................................................................... 2-1

File Structures ................................................................................................................................ 2-3

Issuer Host Grade Processing ........................................................................................................ 2-3

Chip Host Grade...................................................................................................................... 2-3

Mag Stripe Host Grade............................................................................................................. 2-3

Card Authentication ....................................................................................................................... 2-4

Cardholder Verification .................................................................................................................. 2-4

Online Processing.......................................................................................................................... 2-5

Exclusively-Online Cards ......................................................................................................... 2-5

Online-Preferring Cards ........................................................................................................... 2-5

Debit MasterCard ........................................................................................................................... 2-5


Principles and Issuer DecisionsCard Application

Card ApplicationStandard Profiles are for use with cards using an M/Chip 4 application.

If the card supports a dynamic offline card authentication method (CAM), anM/Chip Select application must be used. If the card does not support dynamicoffline CAM, an M/Chip Lite, or an M/Chip Select application may be used.

M/Chip 4 version 1.1a or 1.1b may be used. Either version supports theMasterCard SKD method for the AC key derivation used in these profiles.

Standard profiles cannot be used with older versions of M/Chip, such asM/Chip 2.1.

Card Functions

Contact Payment

Standard Profiles are used with cards that support a single payment application.

Standard Profiles do not support cards with multiple payment applications,although the personalization values listed may be used on different applicationsand submitted to the CPV process.

Contactless Payment

The card may also support a contactless interface (PayPass).

Five separate Standard Profiles for PayPass personalization are defined. Foreach contact Standard Profile selected, a single PayPass profile is defined.

Standard Profiles do not support PayPass cards using PayPass—M/Chip Flex.

MasterCard Authentication Solutions for Chip

The card may be personalized to also support MasterCard AuthenticationSolutions for Chip (MAS4C) as part of the payment application. MasterCardsuggests adding this personalization option to all cards is worthwhile even ifthe issuer has no short term plans to implement MAS4C.

The Chip Authentication Program (CAP) is a cardholder authentication methodwhich builds upon the authentication capabilities provided by EMV. CAP usesan EMV chip card and a Personal Card Reader (PCR) to generate a CAP Token.


Principles and Issuer Decisions

Card Functions

The Advanced Authentication for Chip (AA4C) further develops CAP. It is basedon the PLA specification, and:

• Accommodates cards that do not support offline (plaintext) PIN verification1

• Generates a CAP Token using either numeric or alphanumeric characters

The personalization settings described in this document support both CAP andAA4C solutions depending on the capability of the Personal Card Reader. If theStandard Profile does not support offline plain text PIN, then AA4C PersonalCard Reader must be used.

Two additional data elements must be personalized when using StandardProfiles to support MAS4C as described in this document:

• Issuer Authentication Flags (tag “9F55”)

• Issuer Proprietary Bitmap (tag “9F56”)

Partial personalization (for example:, IPB personalized on the card but noIAF personalized) is not accepted. Both data elements (IPB and IAF) must beretrievable using READ RECORD (AFL) only (No FCI Template.)

A CAP token of a maximum of 8 characters (alphanumeric) or 12 digits(numeric) is produced by these settings, depending on the type of personalcard reader used with the card.

The Standard Profiles described in this document do not support MAS4C usinga dedicated authentication application.

If an issuer decides to use a standard payment profile described in thisdocument without IAF and IPB and add a separate cardholder authenticationapplication (CAA), then the personalization of the CAA must comply with thepersonalization profiles defined to support MAS4C and approval will follow thenormal Card Personalization Verification procedure.

In order to validate a CAP Token, the issuer’s CAP Token Validation Service(CTVS) must be able to manage the Application Transaction Counter (ATC)and compute the Application Cryptogram based on the data carried by theCAP Token and other values known to the CTVS (static or derived). It is partof the basic security requirements to check the ATC values in order to counterreplay attacks. Cross contamination between payment and authentication maybe mitigated and controlled using a set of straightforward rules & checks. Tosupport mag stripe grade issuers and others wanting to implement MAS4C withlittle host system impact, MasterCard provides an on behalf CTVS.

1. PCRs compliant with this new specification skip the requirement for PIN entry when the EMVcard does not indicate support for offline (plaintext) PIN in the CVM List. Successful offlinePIN Verification is required if the card supports offline (plaintext) PIN.



File Structures

File StructuresIssuers are free to develop their own file structures on their chip cards forcontact payments, but it must not conflict with the PayPass requirements if thecard supports a dual interface.

When implementing PayPass, issuers must use the file structures defined foreach profile.

Issuer Host Grade Processing

Chip Host Grade

With Chip Host Grade, the issuer host system is able to receive chip data,validate the ARQC cryptogram, analyze the TVR and CVR, and use theinformation to influence the authorization decision. An ARPC is generated withthe authorization response.

If the issuer has Chip Host Grade, the card will be configured as “semi-grade.”This means that, in order to improve acceptance where there may be issuesin the acquirer infrastructure, this profile will approve transactions approvedonline even if no ARPC is provided to the card. To ensure a high level of riskcontrol, offline counters are not reset unless the card receives a valid ARPC.

Issuers that subscribe to the M/Chip Cryptogram Pre-validation Service or tothe Combined Service Option as defined in M/Chip Processing Services—ServiceDescription are considered as operating in Chip Host Grade.

Mag Stripe Host Grade

With Mag Stripe Host Grade, the issuer host system is not able to generate anARPC with the authorization response.

The issuer may or may not be able to interpret the TVR and CVR received withthe authorization message and influence the authorization response accordingly.This capability will influence several settings on the card and is therefore usedto help define mag-stripe grade profiles.

If the issuer has Mag Stripe Host Grade, the card will be configured as“mag-stripe grade.” In this profile the card will approve transactions approvedonline with no ARPC and the offline counters on the card are reset. Usingmag-stripe grade introduces extra risk for the issuer as a stolen card can havethe offline counters reset by a fraudster without any cryptographic control.

Issuers that subscribe to the M/Chip Conversion Service as defined in M/ChipProcessing Services—Service Description are considered as operating inMag-Stripe Host Grade.



Card Authentication

Card AuthenticationProfiles support:

• SDA—where simple static data authentication is acceptable to the issuerfor offline transactions

• DDA—where dynamic data authentication is required by the issuer foroffline transactions

• SDA and DDA on the same card—is not supported in these profiles

• CDA—where dynamic data authentication is required by the issuer foroffline transactions using the Combined Data Authentication that links theauthentication to the card transaction decision. DDA is also supportedwhen the card supports CDA as CDA support is not currently mandated onterminals. SDA is not supported in these profiles

• No offline CAM—where the card is an “online only” card

CDA profiles should only be used in markets where the local terminalinfrastructure supports all currently valid MasterCard public keys.

If the card supports dynamic offline CAM methods, an M/Chip Select applicationmust be used. If the card does not support dynamic offline CAM, an M/ChipLite application may be used.

Cardholder VerificationAll Standard Profiles support online PIN for ATMs. Every profile has “onlinePIN if unattended cash” or “online PIN if the terminal supports” as the firstentry in the CVM list.

offline PIN must be supported for Maestro and may be supported for MasterCardand MasterCard Electronic.

If the card supports offline PIN, then:

• Offline—plain text PIN is used on SDA cards and cards that do not supportan offline CAM

• Offline—enciphered PIN and offline, plain text PIN (in that order) are usedon DDA capable cards

The offline enciphered PIN uses the DDA key

For MasterCard and MasterCard Electronic, online PIN may be preferred tosignature at the POS.

If offline PIN fails or PIN entry is not possible for online PIN, the transactionmay be declined offline or may result in an online authorization. Where theissuer has a mag-stripe grade host and is not able to interpret the TVR / CVRand offline PIN is used, these transactions should be declined offline.


Principles and Issuer DecisionsOnline Processing

Online Processing

Exclusively-Online Cards

An exclusively-online card never approves a transaction offline. If onlineauthorization is not available, the card declines offline.

MasterCard cards must not be personalized to work exclusively online.MasterCard Electronic® cards must be personalized to be exclusively online.Maestro® cards may be exclusively online.

Unless the card also supports encrypted offline PIN, or the issuer operateswith a mag-stripe grade host, an exclusively-online card should not supportoffline CAM.

If the card does support encrypted offline PIN, or the issuer host is mag-stripegrade, the card is made exclusively online by the CIAC settings. Issuers arerecommended to use DDA cards in this situation.

Exclusively online cards should be personalized with their upper offline limitsset to zero.

Online-Preferring Cards

Online-preferring cards always request an online authorization, but may accepttransactions offline in certain situations (that is, when an online connection isnot available). MasterCard credit cards may be online-preferring.

Cards that normally work online should be personalized with their lower offlinelimits set to zero. The card may also be personalized as online-preferring bythe CIAC settings. Using the lower offline limits makes it easier to changethe status of the card post issuance.

All profiles that support offline transactions may be personalized asonline-preferring, domestically, internationally or both, and the CIAC settingsadjusted accordingly.

MasterCard cards should usually be able to authorize a controlled amount oftransactions at offline terminals and should not be personalized to routinelydecline all offline transactions.

Debit MasterCardIf the MasterCard Standard Profiles are used for Debit MasterCard, the settingsdefined in this book may be varied in that:

• The Application Label (tag 50) should be “Debit MasterCard.”

• The Application Usage Control (tag 9F07) should be “FFC0” to allow forcash back.


Chapter 3 Selecting a ProfileMembers should check with their MasterCard Regional Office to confirm which Standard Profiles areappropriate for their market.

The tables in this chapter indicate which profiles are available in each region and the decision criteriafor identifying which profile is appropriate to the issuer’s needs.

Asia Pacific Region......................................................................................................................... 3-1

Canada Region............................................................................................................................... 3-2

Europe Region ............................................................................................................................... 3-3

Latin America and the Caribbean Region....................................................................................... 3-4

South Asia/Middle East/Africa Region ........................................................................................... 3-5


Selecting a Profile

Asia Pacific Region

Asia Pacific RegionSeven Standard Profiles have been defined for different business requirementsin the Asia Pacific region for the MasterCard product.


Selecting a Profile

Canada Region

Canada RegionThree Standard Profiles have been defined for different business requirementsin the Canada region for the MasterCard product.


Selecting a ProfileEurope Region

Europe RegionNine Standard Profiles have been defined for different business requirementsin the Europe region.


Selecting a Profile

Latin America and the Caribbean Region

Latin America and the Caribbean RegionTen Standard Profiles have been defined for different business requirements inthe Latin America and the Caribbean region.


Selecting a Profile

South Asia/Middle East/Africa Region

South Asia/Middle East/Africa RegionSeven Standard Profiles have been defined for different business requirementsin the South Asia/Middle East/Africa region.


Chapter 4 Issuer-Defined Data ElementsThe following data elements are defined by the issuer and are not fixed per the Standard Profile.

Issuer-Defined Data Elements........................................................................................................ 4-1


Issuer-Defined Data ElementsIssuer-Defined Data Elements

Issuer-Defined Data ElementsData elements marked with an asterisk (*) are optional.

Data Element Name Tag Mandatory Value

Application Currency Code 9F42 Determined by issuer

Application Currency Exponent 9F44 Determined by issuer

Application Effective Date* 5F25 Determined by issuer

Application Expiration Date 5F24 Determined by issuer

Application Primary Account Number 5A Determined by issuer

Application Primary Account NumberSequence Number

5F34 Determined by issuer1

Cardholder Name 5F20 Determined by issuer

Determined by issuer2

Cardholder Name Extended* 9F0B Determined by issuer

Issuer Country Code 5F28 Country code of the bank issuingthe card

Language Preference* 5F2D Determined by issuer

Track 1 Discretionary Data* 9F1F Determined by issuer

Track 2 Discretionary Data* 9F20 Determined by issuer

Track 2 Equivalent Data 57 Determined by issuer

bit 8 must be 0 = Application maybe selected without confirmation ofcardholder

Application Priority Indicator 87

bits 4–1: priority of the application-determined by issuer. Normally‘0001’ for a card supporting just oneapplication.

Application File Locator 94 Determined by issuer

Lower Consecutive Offline Limit 9F14 Determined by issuer3

Upper Consecutive Offline Limit 9F23 Determined by issuer4

1. Use of the Application PAN Sequence Number is mandatory as it used by the M/Chip 4 appli-cation in the AC key derivation.

2. Cardholder Name must not be supported on the contactless interface.

3. A “normally online” card may set the LCOL to zero

4. The UCOL may not normally be set to zero for MasterCard cards


Issuer-Defined Data ElementsIssuer-Defined Data Elements


Lower Cumulative Offline TransactionAmount

CA Determined by issuer5

Upper Cumulative Offline TransactionAmount

CB Determined by issuer6

CRM Country Code C8 Same value as Issuer Country Codetag 5F28

Must not be ‘0000’

Reference (Offline) PIN N/A Determined by issuer7

SM for Integrity Master Key (MKSMI) N/A Determined by issuer

SM for Confidentiality Master Key(MKSMC)

N/A Determined by issuer

AC Master Key (MKAC) N/A Determined by issuer

Application Transaction Counter Limit N/A Determined by issuer

Key Derivation Index N/A Determined by issuer

Application Life Cycle Data 9F7E Determined by issuer

See also the card counter and limits data elements shown in AppendixA—Supplementary Data Elements per Card Version.

5. A “normally online” card may set the LCOTA to zero

6. The UCOTA may not normally be set to zero for MasterCard cards

7. Only required if card supports offline PIN


Chapter 5 Standard Profiles for MaestroThis chapter details the Standard Profiles that are available to an issuer for use with the Maestroproduct.

Profile 01: Maestro with SDA—Full Chip Issuer ............................................................................ 5-1


Application Usage Control ....................................................................................................... 5-1

Application Interchange Profile ............................................................................................... 5-1

Issuer Risk Management .......................................................................................................... 5-1

PayPass.................................................................................................................................... 5-3


Profile 02: Maestro with DDA—Full Chip Issuer ........................................................................... 5-6





PayPass.................................................................................................................................... 5-9


Data Element List ..................................................................................................................... 5-9

Profile 03: Maestro with CDA and DDA—Full Chip Issuer.......................................................... 5-13

Cardholder Verification .......................................................................................................... 5-13

Application Usage Control ..................................................................................................... 5-13

Application Interchange Profile ............................................................................................. 5-13

Issuer Risk Management ........................................................................................................ 5-13

PayPass.................................................................................................................................. 5-15

MasterCard Authentication Solutions for Chip ....................................................................... 5-15

Data Element List ................................................................................................................... 5-15

Profile 04: Maestro with SDA—Mag Stripe Grade Issuer where issuer can interpretTVR/CVR...................................................................................................................................... 5-19





PayPass.................................................................................................................................. 5-20




Standard Profiles for Maestro

Profile 05: Maestro with SDA—Mag Stripe Grade Issuer where issuer cannot interpretTVR/CVR...................................................................................................................................... 5-24





PayPass.................................................................................................................................. 5-25



©2010 MasterCard5-ii 19 February 2010 • M/Chip Card Personalization Standard Profiles (Including PayPass)

Standard Profiles for MaestroProfile 01: Maestro with SDA—Full Chip Issuer

Profile 01: Maestro with SDA—Full Chip IssuerThis Standard Profile is for the issuer of Maestro cards supporting SDA in aFull Chip grade host processing environment or the issuer is using one of theappropriate MasterCard on-behalf services.

The card supports offline PIN (plain text) which is preferred to online PIN atthe POS. The card will always use online PIN at ATMs. Signature and “no CVM”are not supported. If offline PIN fails or if PIN entry is bypassed or not possible,the card will try to go online and decline the transaction if this is not possible.

The card may operate offline and Lower and Upper Limit parameters areused in risk management to decide whether to accept the transaction offlineor to request an online authorization. The card may be configured as onlinepreferring.

NOTE

This profile will normally be implemented on M/Chip 4 Lite. This profile may be implementedon M/Chip 4 Select.

Cardholder Verification

The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions) or Manual

Cash (cash advance)*• Offline plain text PIN*, if the terminal is able to perform it• Online PIN* for other cases (such as any terminal does not support offline

PIN)* If these CVM are not successful, then CVM processing has failed.

Application Usage Control

The card is valid for any domestic and international use, for example: Goods,Services, Cash, and Cash Back.

The card can be used at ATM, POS, and any other devices.

Application Interchange Profile

Functions that the card requests:• SDA• Terminal Risk Management• Cardholder Verification

Issuer Risk Management

Risk management is performed by the terminal via Issuer Action codes (IAC)and by the card via Card Issuer Action Codes during each transaction.



The settings for risk management are:• If offline CAM is not performed, then the transaction must go online. If it is

not possible to go online, then the transaction is rejected.• If SDA fails, then the transaction must go online. If it is not possible to go

online, then the transaction is rejected.• If ICC Data is missing, then the transaction must go online. If it is not

possible to go online, then the transaction is rejected.• If the card appears on an exception file, then the transaction must go

online. If it is not possible to go online, then the transaction is rejected.• If the card application has expired, then the transaction must go online. If it

is not possible to go online, then the transaction is rejected.• If the card application is not yet effective, then the transaction must go

online. If it is not possible to go online, then the transaction is acceptedoffline.

• If card usage is not allowed, then the transaction must go online. If it is notpossible to go online, then the transaction is rejected.

• If the card is a new card the terminal takes no action on this issue.• If the cardholder verification is unsuccessful, then the transaction must go

online. If it is not possible to go online, then the transaction is rejected.• If the offline PIN fails (or if the offline PIN try limit is exceeded), then

the transaction must go online. If it is not possible to go online, then thetransaction is rejected.

• If the PIN is bypassed, then the transaction must go online. If it is notpossible to go online, then the transaction is rejected.

• If the PIN pad is not working, then the transaction must go online. If it isnot possible to go online, then the transaction is rejected.

• If the terminal erroneously considers the offline PIN to be approved, but ithas not been approved by the card, then the transaction must go online. Ifit is not possible to go online, then the transaction is rejected.

• If the transaction amount exceeds the terminal floor limit, then thetransaction must go online. If it is not possible to go online, then thetransaction is rejected.

• If the terminal forces the transaction online, then the transaction must goonline. If it is not possible to go online, then the transaction is acceptedoffline.

• If the merchant forces the transaction online, then the transaction must goonline. If it is not possible to go online, then the transaction is acceptedoffline.

• If the Lower Consecutive Offline Limit is exceeded (for a transactionperformed in a non-issuer currency), then the transaction must go online. Ifit is not possible to go online, then the transaction is accepted offline.

• If the Lower Cumulative Offline Transaction Amount is exceeded (for atransaction performed in the issuer currency), then the transaction must goonline. If it is not possible to go online, then the transaction is acceptedoffline.

• If the Upper Consecutive Offline Limit is exceeded (for a transactionperformed in a non-issuer currency), then the transaction must go online. Ifit is not possible to go online, then the transaction is rejected.



• If the Upper Cumulative Offline Transaction Amount is exceeded (for atransaction performed in the issuer currency), then the transaction must goonline. If it is not possible to go online, then the transaction is rejected.

• If the transaction is international, the card takes no action on this issue. Thecard may alternatively request that the transaction go online. If it is notpossible to go online, then the transaction is accepted offline.

• If the transaction is domestic, the card takes no action on this issue. Thecard may alternatively request that the transaction go online. If it is notpossible to go online, then the transaction is accepted offline.

• It is more flexible to make the card “on-line preferring,” if required, bysetting the LCOL and LCOA to zero, as this can be updated in the futureby a script command.

PayPass

Cards supporting this profile cannot also support PayPass.


Cards supporting this profile may optionally support MAS4C (CAP and AA4C)by adding the optional data elements (both IAF and IPB).

Table 5.1—Data Element List




Application Effective Date 5F25 Determined by issuer


Application Primary AccountNumber

5A Determined by issuer

Application Primary AccountNumber Sequence Number

5F34 Determined by issuer


Cardholder Name Extended 9F0B Determined by issuer

Issuer Country Code 5F28 Country code of the bank issuing the card

Language Preference 5F2D Determined by issuer

Track 1 Discretionary Data 9F1F Determined by issuer

Track 2 Discretionary Data 9F20 Determined by issuer





Bit 8 must be 0 = Application maybe selected without confirmation ofcardholder


Bits 4–1: priority of the application-determined by issuer


Application Version Number 9F08 00 02

FCI Issuer Discretionary Data BF0C 9F 4D020Bxx (xx number of records forlog file

Certification Authority Public KeyIndex

8F Determined by issuer/personalizationsystem

Issuer Public Key Certificate 90 Calculated by MasterCard CertificationAuthority

Issuer Public Key Remainder 92 Calculated by MasterCard CertificationAuthority

Issuer Public Key Exponent 9F32 03

Static Data Authentication Tag List 9F4A 82

DAC: Determined by issuer/personaliza-tion system

5F 25: Application Effective Date

5F 24: Application Expiration Date

9F 07: Application Usage Control

5A: Application PAN

5F 34: Application PAN Sequence No.

8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online

5F28: Issuer Country Code

Signed Static Application Data 93

9F4A: Static Data Authentication Tag List

Application Identifier if card supportsa PSE

4F Same value as Dedicated File Name tag84

Dedicated File Name 84 A0000000043060




Application Label 50 MAESTRO

Issuer Code Table Index 9F11 Supports the character set of theApplication Preferred Name

Application Preferred Name 9F12 Presence and value determined by issuer

Application Usage Control 9F07 FFC0

Log Entry (in the FCI) 9F4D Byte 1: Lower bits contain the SFI ofthe cyclic transaction log file (11) Byte2: Maximum number of records in theTransaction Log file

Default ARPC Response Code D6 0010

Lower Consecutive Offline Limit 9F14 Determined by issuer

Upper Consecutive Offline Limit 9F23 Determined by issuer

Lower Cumulative OfflineTransaction Amount

CA Determined by issuer

Upper Cumulative OfflineTransaction Amount

CB Determined by issuer

CRM Currency Code C9 Same value as Application CurrencyCode tag 9F42

Currency Conversion table D1 Determined by issuer (in case that oneor several entries are not used, pleaseset these entry(ies) with CRM CurrencyCode)

CRM Country Code C8 Same value as Issuer Country Code tag5F28

PIN Try Limit N/A 03

PIN Try Counter 9F17 03

Reference (Offline) PIN N/A Determined by issuer

SM for Integrity Master Key (MKSMI) Determined by issuer


Determined by issuer

AC Master Key (MKAC) Determined by issuer

Application Transaction CounterLimit


Previous Transaction History 00

Key Derivation Index Determined by issuer


Standard Profiles for MaestroProfile 02: Maestro with DDA—Full Chip Issuer


Issuer Action Code—Denial 9F0E 00 00 00 00 00

Issuer Action Code—Online 9F0F F0 70 BC 98 00

Issuer Action Code—Default 9F0D F0 50 BC 80 00

CVM List 8E 00000000 00000000 4201 0204 0103 0200

Card Issuer Action Code—Decline C3 00 00 00

Card Issuer Action Code—Online C5 39 FB 00

3F FB 00 may be used to make the card“online preferring”

Card Issuer Action Code—Default C4 39 50 00

Application Interchange Profile 82 58 00

CDOL 1 Related Data Length C7 M/Chip Lite: 23

M/Chip Select: 2B

Application Control D5 84 00

CDOL 1 8C M/Chip Lite: 9F 02 06 9F 03 06 9F 1A 0295 05 5F 2A 02 9A 03 9C 01 9F 37 04 9F35 01 9F 45 02 9F 34 03

M/Chip Select: 9F 02 06 9F 03 06 9F 1A02 95 05 5F 2A 02 9A 03 9C 01 9F 37 049F 35 01 9F 45 02 9F 4C 08 9F 34 03

CDOL 2 8D M/Chip Lite: 91 0A 8A 02 95 05

M/Chip Select: 91 0A 8A 02 95 05 9F 3704 9F 4C 08


Issuer Authentication Flags (if cardsupports MasterCard AuthenticationSolutions for Chip)

9F55 F0

Issuer Proprietary Bitmap (if cardsupports MasterCard AuthenticationSolutions for Chip)

9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 02: Maestro with DDA—Full Chip IssuerThis Standard Profile is for the issuer of Maestro cards supporting DDA in aFull Chip grade host processing environment or the issuer uses one of theappropriate MasterCard on-behalf services.



The card supports offline PIN (enciphered or plain text) which is preferred toonline PIN at the POS. The card will always use online PIN at ATMs. Signatureand “no CVM” are not supported. If offline PIN fails or if PIN entry is bypassedor not possible, the card will try to go online and decline the transactionif this is not possible.


NOTE

This profile must be implemented on M/Chip 4 Select.



Cash (cash advance)*• Offline enciphered or plain text PIN*, if the terminal is able to perform it• Online PIN* for other cases (such as any terminal does not support offline






Functions that the card requests:• DDA• Terminal Risk Management• Cardholder Verification




not possible to go online, then the transaction is rejected.• If DDA fails, then the transaction must go online. If it is not possible to go

online, then the transaction is rejected.



• If ICC Data is missing, then the transaction must go online. If it is notpossible to go online, then the transaction is rejected.

• If the card appears on an exception file, then the transaction must goonline. If it is not possible to go online, then the transaction is rejected.

• If the card application has expired, then the transaction must go online. If itis not possible to go online, then the transaction is rejected.

• If the card application is not yet effective, then the transaction must goonline. If it is not possible to go online, then the transaction is acceptedoffline.


• If the card is a new card the terminal takes no action on this issue.• If the cardholder verification fails, then the transaction must go online. If it

is not possible to go online, then the transaction is rejected.• If the offline PIN fails (or if the offline PIN try limit is exceeded), then

















PayPass

Cards supporting this profile can also support PayPass.

PayPass Standard Profile 91 should be used.



Data Element List












Issuer Country Code 5F28 Country code of the bank issuing thecard










bits 4–1: priority of the application-determined by issuer



FCI Issuer Discretionary Data BF0C 9F 4D020Bxx (xx number of records forlog file)







Static Data to be authenticated




5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online



8C: CDOL1

ICC Public Key Certificate 9F46

8D: CDOL2

ICC Public Key Exponent 9F47 03




ICC Public Key Remainder 9F48 Determined by issuer/personalizationsystem

DDOL 9F49 9F3704


































Issuer Action Code—Online 9F0F B8 70 BC 98 00

Issuer Action Code—Default 9F0D B8 50 BC 80 00

CVM List 8E 00000000 00000000 4201 0204 4403 01030200






CDOL 1 Related Data Length C7 2B

Application Control D5 8C 00

CDOL 1 8C 9F 02 06 9F 03 06 9F 1A 02 95 05 5F 2A02 9A 03 9C 01 9F 37 04 9F 35 01 9F 4502 9F 4C 08 9F 34 03

CDOL 2 8D 91 0A 8A 02 95 05 9F 37 04 9F 4C 08



9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00



Standard Profiles for MaestroProfile 03: Maestro with CDA and DDA—Full Chip Issuer

Profile 03: Maestro with CDA and DDA—Full Chip IssuerThis Standard Profile is for the issuer of Maestro cards supporting CDA andDDA in a Full Chip grade host processing environment or the issuer uses oneof the appropriate MasterCard on-behalf services.

The card supports offline PIN (enciphered or plain text) which is preferred toonline PIN at the POS. The card will always use online PIN at ATMs. Signatureand “no CVM” are not supported. If offline PIN fails or if PIN entry is bypassedor not possible, the card will try to go online and decline the transactionif this is not possible.


NOTE




Cash (cash advance)*• Offline enciphered or plain text PIN*, if the terminal is able to perform it• Online PIN* for other cases (such as any terminal does not support offline






Functions that the card requests:• CDA and DDA• Terminal Risk Management• Cardholder Verification







online, then the transaction is rejected.• If CDA fails, then the transaction must go online. If it is not possible to go























• If the transaction is domestic, the card takes no action on this issue. The cardmay alternatively request that the transaction go online. If it is not possibleto go online, then the transaction is accepted offline. It is more flexible tomake the card “on-line preferring”, if required, by setting the LCOL andLCOA to zero, as this can be updated in the future by a script command.

PayPass





Data Element List




































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online



8C: CDOL1


8D: CDOL2





ICC Public Key Remainder 9F48Determined by issuer/personalizationsystem

DDOL 9F49 9F3704


































Issuer Action Code—Online 9F0F BC 70 BC 98 00

Issuer Action Code—Default 9F0D BC 50 BC 80 00

CVM List 8E 00000000 00000000 4201 0204 4403 01030200









CDOL 2 8D 91 0A 8A 02 95 05 9F 37 04 9F 4C 08



9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00



Standard Profiles for MaestroProfile 04: Maestro with SDA—Mag Stripe Grade Issuer where issuer can interpret TVR/CVR

Profile 04: Maestro with SDA—Mag Stripe Grade Issuerwhere issuer can interpret TVR/CVR

This Standard Profile is for the issuer of Maestro cards supporting SDA in a MagStripe grade host processing environment. However, the issuer can interpret theTVR and CVR received in authorization messages and take action accordingly.

The card supports offline PIN (plain text) but online PIN is always preferred.The card will always use online PIN at ATMs. Signature and “no CVM” are notsupported. If offline PIN fails or if PIN entry is bypassed or not possible, thecard will try to go online and decline the transaction if this is not possible.

The card may not operate offline and will decline transactions that are notapproved online.

NOTE

This profile is normally implemented on M/Chip 4 Lite. The profile may be implemented on M/Chip4 Select.


The Cardholder Verification Method list is:• Online PIN, if the terminal is able to perform it• Offline plain text PIN*, if the terminal is able to perform it

* If this CVM is not successful, then CVM processing has failed.


The card is valid for any domestic and international use, for example: Goods,Services, Cash, and Cash Back. The issuer may choose not to support domesticCash Back on the card.






The card is configured as “online only” and will never approve an offlinetransaction.



The settings for risk management are:

• If the transaction is an international transaction, then the transaction mustgo online. If it is not possible to go online, then the transaction is rejected.

• If the transaction is a domestic transaction, then the transaction must goonline. If it is not possible to go online, then the transaction is rejected.

• If the transaction is “unable to go online” the transaction is rejected.

PayPass

Cards supporting this profile cannot also support PayPass.


Cards supporting this profile may optionally support MAS4C (CAP and AA4C)by adding the optional data elements (both IAF and IPB). The CAP TokenValidation requires ATC management and AC validation by the issuer usingeither a hosted CTVS or delegating the CAP Token validation to a third party,for example: MasterCard On Behalf Service.

Data Element List












Issuer Country Code 5F28 Country code of the bank issuing the card
























5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online





4F Same value as Dedicated File Name tag 84









(FF 40 may alternatively be used ifdomestic Cash Back is not supported)









CRM Currency Code C9 Same value as Application Currency Codetag 9F42

Currency Conversion table D1 Determined by issuer (in case that oneor several entries are not used, please setthese entry(ies) with CRM Currency Code)

















Issuer Action Code—Online 9F0F F0 70 BC 98 00

Issuer Action Code—Default 9F0D F0 50 BC 88 00

CVM List 8E 00000000 00000000 4203 0103


Card Issuer Action Code—Online C5 3F FB 00

Card Issuer Action Code—Default C4 7F 50 00



M/Chip Select: 2B








9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00



Standard Profiles for MaestroProfile 05: Maestro with SDA—Mag Stripe Grade Issuer where issuer cannot interpret TVR/CVR

Profile 05: Maestro with SDA—Mag Stripe Grade Issuerwhere issuer cannot interpret TVR/CVR

This Standard Profile is for the issuer of Maestro cards supporting SDA in a MagStripe grade host processing environment. The issuer cannot interpret the TVRand CVR received in authorization messages. The issuer will decline offlinetransactions where offline PIN errors occur.

The card supports offline PIN (plain text) but online PIN is always preferred.The card will always use online PIN at ATMs. Signature and “no CVM” are notsupported. If offline PIN fails or if PIN entry is bypassed or not possible, thetransaction will be declined.

The card may not operate offline and will decline transactions that are notapproved online.

NOTE



The Cardholder Verification Method list is:• Online PIN*, if the terminal is able to perform it• Offline plain text PIN*, if the terminal is able to perform it

* If these CVM are not successful, then CVM processing has failed.











The settings for risk management are:• If the cardholder verification fails, then the transaction the transaction is

rejected offline.• If the offline PIN fails (or if the offline PIN try limit is exceeded), then the

transaction the transaction is rejected offline.• If the PIN is bypassed, then the transaction is rejected offline.• If the terminal erroneously considers the offline PIN to be approved, but it

has not been approved by the card, then the transaction is rejected offline.• If the transaction is an international transaction, then the transaction must

go online. If it is not possible to go online, then the transaction is rejected.• If the transaction is a domestic transaction, then the transaction must go

online. If it is not possible to go online, then the transaction is rejected.• If the transaction is “unable to go online” the transaction is rejected.

PayPass

Cards supporting this profile cannot also support PayPass



Data Element List




































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online







































Issuer Action Code—Denial 9F0E 00 00 A8 00 00

Issuer Action Code—Online 9F0F F0 70 14 98 00

Issuer Action Code—Default 9F0D F0 50 14 88 00

CVM List 8E 00000000 00000000 0203 0103






M/Chip Select: 2B








9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00



Chapter 6 Standard Profiles for MasterCard/DebitMasterCard

This chapter details the Standard Profiles that are available to an issuer for use with theMasterCard/Debit MasterCard® product.

Profile 11: MasterCard/Debit MasterCard with SDA and offline PIN—Full Chip Issuer (1) ........... 6-1





PayPass.................................................................................................................................... 6-3



Profile 12: MasterCard/Debit MasterCard with SDA and offline PIN—Full Chip Issuer (2) ........... 6-7





PayPass.................................................................................................................................... 6-9



Profile 13: MasterCard/Debit MasterCard with SDA and offline PIN—Full Chip Issuer (3)........... 6-13





PayPass.................................................................................................................................. 6-16



Profile 14: MasterCard/Debit MasterCard with SDA and signature—Full Chip Issuer (1)............ 6-19

Overview ............................................................................................................................... 6-19






Standard Profiles for MasterCard/Debit MasterCard

PayPass.................................................................................................................................. 6-22



Profile 15: MasterCard/Debit MasterCard with SDA and signature—Full Chip Issuer (2)............ 6-25





PayPass.................................................................................................................................. 6-28



Profile 16: MasterCard/Debit MasterCard with DDA and offline PIN—Full Chip Issuer(1) ................................................................................................................................................ 6-32

Overview ............................................................................................................................... 6-32





PayPass.................................................................................................................................. 6-34








PayPass.................................................................................................................................. 6-40








PayPass.................................................................................................................................. 6-47





Profile 19: MasterCard/Debit MasterCard with DDA and signature—Full Chip Issuer (1)........... 6-51





PayPass.................................................................................................................................. 6-53



Profile 20: MasterCard/Debit MasterCard with DDA and signature—Full Chip Issuer (2)........... 6-57





PayPass.................................................................................................................................. 6-59



Profile 21: MasterCard/Debit MasterCard with CDA/DDA and offline PIN—Full Chip Issuer(1) ................................................................................................................................................ 6-63





PayPass.................................................................................................................................. 6-65



Profile 22: MasterCard/Debit MasterCard with CDA/DDA and signature—Full Chip Issuer(2) ................................................................................................................................................ 6-69

Overview ............................................................................................................................... 6-69





PayPass.................................................................................................................................. 6-71



©2010 MasterCardM/Chip Card Personalization Standard Profiles (Including PayPass) • 19 February 2010 6-iii


Profile 23: MasterCard/Debit MasterCard with SDA and offline PIN—Mag Stripe Grade Issuerwhere issuer can interpret TVR/CVR ........................................................................................... 6-75





PayPass.................................................................................................................................. 6-78



Profile 24: MasterCard/Debit MasterCard with SDA and offline PIN—Mag Stripe Grade Issuerwhere issuer cannot interpret TVR/CVR (1) ................................................................................ 6-82





PayPass.................................................................................................................................. 6-84








PayPass.................................................................................................................................. 6-90








PayPass.................................................................................................................................. 6-96



Profile 27: MasterCard/Debit MasterCard with SDA and offline PIN—Mag Stripe Grade Issuerwhere issuer cannot interpret TVR/CVR (4) ...............................................................................6-100

©2010 MasterCard6-iv 19 February 2010 • M/Chip Card Personalization Standard Profiles (Including PayPass)


Cardholder Verification .........................................................................................................6-100

Application Usage Control ....................................................................................................6-101

Application Interchange Profile ............................................................................................6-101

Issuer Risk Management .......................................................................................................6-101

PayPass.................................................................................................................................6-102

MasterCard Authentication Solutions for Chip ......................................................................6-102

Data Element List ..................................................................................................................6-103

Profile 28: MasterCard/Debit MasterCard with SDA and signature—Mag Stripe Grade Issuerwhere issuer cannot interpret TVR/CVR (1) ...............................................................................6-106





PayPass.................................................................................................................................6-108



Profile 29: MasterCard/Debit MasterCard with SDA and signature—Mag Stripe Grade Issuerwhere issuer cannot interpret TVR/CVR (2) ...............................................................................6-112





PayPass.................................................................................................................................6-114



Profile 30: MasterCard/Debit MasterCard with SDA and signature—Mag Stripe Grade Issuer(3) ...............................................................................................................................................6-118





PayPass.................................................................................................................................6-120



Profile 31: MasterCard/Debit MasterCard with SDA and signature—Mag Stripe Grade Issuer(4) ...............................................................................................................................................6-124



©2010 MasterCardM/Chip Card Personalization Standard Profiles (Including PayPass) • 19 February 2010 6-v




PayPass.................................................................................................................................6-126



Profile 32: MasterCard/Debit MasterCard with SDA and signature—Full Chip Issuer (3) ...........6-131





PayPass.................................................................................................................................6-133



©2010 MasterCard6-vi 19 February 2010 • M/Chip Card Personalization Standard Profiles (Including PayPass)

Standard Profiles for MasterCard/Debit MasterCardProfile 11: MasterCard/Debit MasterCard with SDA and offline PIN—Full Chip Issuer (1)

Profile 11: MasterCard/Debit MasterCard with SDA andoffline PIN—Full Chip Issuer (1)

This Standard Profile is for the issuer of MasterCard cards supporting SDA andoffline PIN in a Full Chip grade host processing environment or the issuer usesone of the appropriate MasterCard on-behalf services.

The card supports offline PIN (plain text) which is preferred to signature,which is preferred to online PIN at the POS. The card will always use onlinePIN at ATMs. “No CVM” is also supported. If offline PIN fails or if PIN entryis bypassed or not possible, the card will try to go online and decline thetransaction if this is not possible.

This profile differs from Profile 12 in that signature is preferred to online PIN atthe POS. The profile differs from Profile 13 in that PIN issues lead to an onlineauthorization request rather than an offline decline.

The card must be able to operate offline and Lower and Upper Limit parametersare used in risk management to decide whether to accept the transaction offlineor to request an online authorization. The Upper Limits may not normally beset to zero on a MasterCard product. The card may be configured as onlinepreferring.

NOTE



The Cardholder Verification Method list is:

• Online PIN, if transaction is Unattended Cash (ATM transactions)

• Offline plain text PIN, if the terminal is able to perform it

• Signature, if the terminal is able to perform it

• Online PIN for other cases (such as any terminal that does not supportoffline PIN or signature and certain Cardholder Activated Terminals)

• No CVM* (no verification of the cardholder), for certain CardholderActivated Terminals



The card is valid for any domestic and international usage, including Goods,Services, or Cash. Cash Back is not normally supported.

For Debit MasterCard, Cash Back must be supported.







Risk management is performed by the terminal via the Issuer Action Codes(IAC) and by the card via the Card Issuer Action Codes (CIAC) during eachtransaction.













• If the PIN pad is not working the terminal takes no action on this issue.• If the terminal erroneously considers the offline PIN to be approved, but it

has not been approved by the card, then the transaction must go online. Ifit is not possible to go online, then the transaction is rejected.

• If the transaction amount exceeds the terminal floor limit, then thetransaction must go online. If it is not possible to go online, then thetransaction is accepted offline.












PayPass





Data Element List



































5A: Application PAN


8E: CVM List





9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online






Application Label 50 MASTERCARD or

Debit MasterCard



Application Usage Control 9F07 FF00 or

FFC0 for Debit MasterCard




Upper Consecutive Offline Limit 9F23 Determined by issuer (zero not allowed)




CB Determined by issuer (zero not allowed)



















Issuer Action Code—Online 9F0F F0 70 AC 98 00

Issuer Action Code—Default 9F0D F0 50 AC 00 00

CVM List 8E 00000000 00000000 4201 4103 5E03 42031F03






CDOL 1 Related Data Length C7

M/Chip Lite: 23

M/Chip Select: 2B











9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00




The card supports offline PIN (plain text) which is preferred to online PIN,which is preferred to signature at the POS. The card will always use onlinePIN at ATMs. “No CVM” is also supported. If offline PIN fails or if PIN entryis bypassed or not possible, the card will try to go online and decline thetransaction if this is not possible.

This profile differs from Profile 11 in that online PIN is preferred to signature atthe POS.


NOTE



The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Offline plain text PIN, if the terminal is able to perform it• Online PIN for other cases (such as any terminal that does not support

offline PIN and certain Cardholder Activated Terminals)• Signature, if the terminal is able to perform it• No CVM* (no verification of the cardholder), for certain Cardholder

Activated Terminals
























• If the PIN pad is not working the terminal takes no action on this issue.




• If the transaction amount exceeds the terminal floor limit, then thetransaction must go online. If it is not possible to go online, then thetransaction rejected.


• If the merchant forces the transaction online, then the transaction must goonline. If it is not possible to go online, then the transaction is declined.








• The offline transaction counters will be reset whenever a transaction isapproved, even if there is no ARPC.

PayPass







Data Element List



































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online








Debit MasterCard

































CVM List 8E 00000000 00000000 4201 4103 4203 5E031F03







M/Chip Lite: 23

M/Chip Select: 2B











9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00




The card supports offline PIN (plain text) which is preferred to signature,which is preferred to online PIN at the POS. The card will always use onlinePIN at ATMs. “No CVM” is also supported. If offline PIN fails or if PIN entryis bypassed or not possible, the card will try to go online and decline thetransaction if this is not possible.

The profile differs from Profile 11 in that PIN issues lead to an offline declinerather than an online authorization request.




NOTE



The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Offline plain text PIN, if the terminal is able to perform it• Signature, if the terminal is able to perform it• Online PIN for other cases (such as any terminal that does not support

offline PIN or signature and certain Cardholder Activated Terminals)• No CVM* (no verification of the cardholder), for certain Cardholder

Activated Terminals* If this CVM is not successful, then CVM processing has failed.













online. If it is not possible to go online, then the transaction is rejected.








the transaction is rejected.• If the PIN is bypassed, then the transaction is rejected.• If the PIN pad is not working the terminal takes no action on this issue.• If the terminal erroneously considers the offline PIN to be approved, but it











• It is more flexible to make the card “on-line preferring”, if required, bysetting the LCOL and LCOA to zero, as this can be updated in the futureby a script command.



PayPass





Data Element List




































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online








Debit MasterCard

































CVM List 8E 00000000 00000000 4201 4103 5E03 42031F03


Standard Profiles for MasterCard/Debit MasterCardProfile 14: MasterCard/Debit MasterCard with SDA and signature—Full Chip Issuer (1)




07 FB 00 may be used to make the card“online preferring”




M/Chip Lite: 23

M/Chip Select: 2B








9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 14: MasterCard/Debit MasterCard with SDA andsignature—Full Chip Issuer (1)

Overview

This Standard Profile is for the issuer of MasterCard cards supporting SDA andno offline PIN in a Full Chip grade host processing environment or the issueruses one of the appropriate MasterCard on-behalf services.



The card does not support offline PIN. online PIN is preferred to signatureat the POS. The card will always use online PIN at ATMs. “No CVM” is alsosupported. If PIN entry is bypassed, the card will try to go online and declinethe transaction if this is not possible.


The profile is online preferring. The card must be able to operate offline andUpper Limit parameters are used in risk management to decide whether toaccept the transaction offline if online authorization is not completed. TheUpper Limits may not normally be set to zero on a MasterCard product.

NOTE



The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Online PIN, if the terminal is able to perform it• Signature, if the terminal is able to perform it• No CVM* (no verification of the cardholder), for certain Cardholder





















is not possible to go online, then the transaction is rejected.• If the PIN is bypassed, then the transaction must go online. If it is not

possible to go online, then the transaction is accepted.• If the PIN pad is not working the terminal takes no action on this issue.• If the transaction amount exceeds the terminal floor limit, then the

transaction must go online. If it is not possible to go online, then thetransaction is rejected.


• If the merchant forces the transaction online, then the transaction must goonline. If it is not possible to go online, then the transaction is acceptedrejected.





• International transactions must go online. If it is not possible to go online,then the transaction is accepted.

• Domestic Transactions must go online. If it is not possible to go online,then the transaction is accepted.




PayPass




Cards supporting this profile may optionally support MAS4C (AA4C) by addingthe optional data elements (both IAF and IPB).

Data Element List



































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online








Debit MasterCard





















Reference (Offline) PIN N/A N/A










Issuer Action Code—Online 9F0F F0 70 8C 98 00





CVM List 8E 00000000 00000000 4201 4203 5E03 1F03






M/Chip Lite: 23

M/Chip Select: 2B


(82 00 may alternatively be used if theissuer supports EMV CSK)







9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00






The card does not support offline PIN. Signature is preferred to online PINat the POS. The card will always use online PIN at ATMs. “No CVM” is alsosupported. If PIN entry is bypassed, the card will try to go online and declinethe transaction if this is not possible.

This profile differs from Profile 14 in that signature is preferred to online PIN atthe POS.

The card must be able to operate offline and Lower and Upper Limit parametersare used in risk management to decide whether to accept the transaction offlineor to request an online authorization. The Upper Limits may not normallybe set to zero on a MasterCard product. Internationally, the card is onlinepreferring. The card may be configured as online preferring domestically also.

NOTE

This profile normally is implemented on M/Chip 4 Lite. The profile may be implemented on M/Chip4 Select.





• Online PIN for other cases such as certain Cardholder Activated Terminals








Functions that the card requests:

• SDA

• Terminal Risk Management

• Cardholder Verification















possible to go online, then the transaction is rejected.• If the PIN pad is not working the terminal takes no action on this issue.• If the transaction amount exceeds the terminal floor limit, then the

transaction must go online. If it is not possible to go online, then thetransaction is accepted offline.













PayPass





Data Element List



































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online











Debit MasterCard
































Issuer Action Code—Default 9F0D F0 50 8C 08 00

CVM List 8E 00000000 00000000 4201 5E03 4203 1F03



06 FB 00 may be used to make thecard “online preferring” in a domesticenvironment




M/Chip Lite: 23

M/Chip Select: 2B








9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00



Standard Profiles for MasterCard/Debit MasterCardProfile 16: MasterCard/Debit MasterCard with DDA and offline PIN—Full Chip Issuer (1)

Profile 16: MasterCard/Debit MasterCard with DDA andoffline PIN—Full Chip Issuer (1)

Overview

This Standard Profile is for the issuer of MasterCard cards supporting DDA andoffline PIN in a Full Chip grade host processing environment or the issuer usesone of the appropriate MasterCard on-behalf services.

The card supports offline PIN (enciphered or plain text) which is preferred tosignature, which is preferred to online PIN at the POS. The card will alwaysuse online PIN at ATMs. “No CVM” is also supported. If offline PIN fails or ifPIN entry is bypassed or not possible, the card will try to go online and declinethe transaction if this is not possible.

This profile differs from Profile 17 in that signature is preferred to online PIN atthe POS. The profile differs from Profile 18 in that PIN issues lead to an onlineauthorization request rather than an offline decline.


NOTE



The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Offline enciphered or plain text PIN, if the terminal is able to perform it• Signature, if the terminal is able to perform it• Online PIN for other cases (such as any terminal that does not support

offline PIN or signature such as certain Cardholder Activated Terminals)• No CVM* (no verification of the cardholder), for certain Cardholder






































PayPass





Data Element List




































Debit MasterCard

























5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online







8C: CDOL1

8D: CDOL2



DDOL 9F49 9F3704











Issuer Action Code—Online 9F0F B8 70 AC 98 00

Issuer Action Code—Default 9F0D B8 50 AC 00 00

CVM List 8E 00000000 00000000 4201 4403 4103 5E034203 1F03












CDOL 2 8D 91 0A 8A 02 95 05 9F 37 04 9F 4C 08



9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00




The card supports offline PIN (enciphered and plain text) which is preferred toonline PIN, which is preferred to signature at the POS. The card will alwaysuse online PIN at ATMs. “No CVM” is also supported. If offline PIN fails or ifPIN entry is bypassed or not possible, the card will try to go online and declinethe transaction if this is not possible.



NOTE



The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Offline enciphered or plain text PIN, if the terminal is able to perform it• Online PIN for other cases (such as any terminal that does not support

offline PIN such as certain Cardholder Activated Terminals)



• Signature, if the terminal is able to perform it• No CVM* (no verification of the cardholder), for certain Cardholder




























• If the merchant forces the transaction online, then the transaction must goonline. If it is not possible to go online, then the transaction is rejected.









PayPass







Data Element List




































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online



8C: CDOL1


8D: CDOL2



DDOL 9F49 9F3704





Debit MasterCard




FFC0 or FF40 for Debit MasterCard





























CVM List 8E 00000000 00000000 4201 4403 4103 42035E03 1F03












CDOL 2 8D 91 0A 8A 02 95 05 9F 37 04 9F 4C 08



9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00




The card supports offline PIN (enciphered and plain text) which is preferred tosignature, which is preferred to online PIN at the POS. The card will alwaysuse online PIN at ATMs. “No CVM” is also supported. If offline PIN fails or ifPIN entry is bypassed or not possible, the card will try to go online and declinethe transaction if this is not possible.

The profile differs from Profile 16 in that PIN issues lead to an offline declinerather than an online authorization request.




NOTE



The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Offline enciphered or plain text PIN, if the terminal is able to perform it• Signature, if the terminal is able to perform it• Online PIN for other cases (such as any terminal that does not support

offline PIN or signature such as certain Cardholder Activated Terminals)• No CVM* (no verification of the cardholder), for certain Cardholder






















the transaction is rejected.• If the PIN is bypassed, then the transaction is rejected.• If the PIN pad is not working the terminal takes no action on this issue.• If the terminal erroneously considers the offline PIN to be approved, but it














PayPass





Data Element List












Issuer Country Code 5F28 Country code of the bank issuingthe card













FCI Issuer Discretionary Data BF0C 9F 4D020Bxx (xx number of recordsfor log file)


8F Determined by issuer/personaliza-tion system

Issuer Public Key Certificate 90 Calculated by MasterCardCertification Authority

Issuer Public Key Remainder 92 Calculated by MasterCardCertification Authority







5A: Application PAN

5F 34: Application PAN SequenceNo.

8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online


9F4A: Static Data AuthenticationTag List

8C: CDOL1


8D: CDOL2


ICC Public Key Remainder 9F48Determined by issuer/personaliza-tion system

DDOL 9F49 9F3704





4F Same value as Dedicated File Nametag 84



Debit MasterCard


Application Preferred Name 9F12 Presence and value determined byissuer



Log Entry (in the FCI) 9F4D Byte 1: Lower bits contain the SFIof the cyclic transaction log file(11) Byte 2: Maximum number ofrecords in the Transaction Log file



Upper Consecutive Offline Limit 9F23 Determined by issuer (zero notallowed)




CB Determined by issuer (zero notallowed)


Currency Conversion table D1 Determined by issuer (in case thatone or several entries are not used,please set these entry(ies) with CRMCurrency Code)

CRM Country Code C8 Same value as Issuer Country Codetag 5F28
















Issuer Action Code—Online 9F0F B8 70 84 98 00

Issuer Action Code—Default 9F0D B8 50 84 00 00

CVM List 8E 00000000 00000000 4201 4403 41035E03 4203 1F03



07 FB 00 may be used to make thecard “online preferring”





CDOL 1 8C 9F 02 06 9F 03 06 9F 1A 02 95 05 5F2A 02 9A 03 9C 01 9F 37 04 9F 3501 9F 45 02 F 4C 08 9F 34 03

CDOL 2 8D 91 0A 8A 02 95 05 9F 37 04 9F 4C 08



9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 0000 00 00 00 30 00 FF 00 00 00



Standard Profiles for MasterCard/Debit MasterCardProfile 19: MasterCard/Debit MasterCard with DDA and signature—Full Chip Issuer (1)

Profile 19: MasterCard/Debit MasterCard with DDA andsignature—Full Chip Issuer (1)

This Standard Profile is for the issuer of MasterCard cards supporting DDA andno offline PIN in a Full Chip grade host processing environment or the issueruses one of the appropriate MasterCard on-behalf services.

The card does not support offline PIN. online PIN is preferred to signatureat the POS. The card will always use online PIN at ATMs. “No CVM” is alsosupported. If PIN entry is bypassed, the card will try to go online and acceptthe transaction offline if this is not possible.



NOTE



The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Online PIN, if the terminal is able to perform it• Signature, if the terminal is able to perform it• No CVM* (no verification of the cardholder), for certain Cardholder






















possible to go online, then the transaction is accepted.• If the PIN pad is not working the terminal takes no action on this issue.• If the transaction amount exceeds the terminal floor limit, then the



• If the merchant forces the transaction online, then the transaction must goonline. If it is not possible to go online, then the transaction is acceptedrejected.










PayPass





Data Element List



































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online



8C: CDOL1


8D: CDOL2






DDOL 9F49 9F3704





Debit MasterCard































Issuer Action Code—Online 9F0F B8 70 8C 98 00

Issuer Action Code—Default 9F0D B8 50 84 88 00

CVM List 8E 00000000 00000000 4201 4203 5E03 1F03








CDOL 2 8D 91 0A 8A 02 95 05 9F 37 04 9F 4C 08



9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00




Profile 20: MasterCard/Debit MasterCard with DDA andsignature—Full Chip Issuer (2)

This Standard Profile is for the issuer of MasterCard cards supporting DDA andno offline PIN in a Full Chip grade host processing environment or the issueruses one of the appropriate MasterCard on-behalf services.



The card must be able to operate offline and Upper Limit parameters are usedin risk management to decide whether to accept the transaction offline if onlineauthorization is not completed. The Upper Limits may not normally be set tozero on a MasterCard product. The profile is online preferring internationally.Domestically, the card may be configured as online preferring.

NOTE

This profile must be implemented M/Chip 4 Select.


The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Signature, if the terminal is able to perform it• Online PIN for other cases such as certain Cardholder Activated Terminals• No CVM* (no verification of the cardholder), for certain Cardholder







Functions that the card requests:• DDA• Terminal Risk Management






























PayPass





Data Element List



































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online



8C: CDOL1





8D: CDOL2



DDOL 9F49 9F3704





Debit MasterCard
































Issuer Action Code—Default 9F0D B8 50 8C 88 00

CVM List 8E 00000000 00000000 4201 5E03 4203 1F03








CDOL 2 8D 91 0A 8A 02 95 05 9F 37 04 9F 4C 08



9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00



Standard Profiles for MasterCard/Debit MasterCardProfile 21: MasterCard/Debit MasterCard with CDA/DDA and offline PIN—Full Chip Issuer (1)

Profile 21: MasterCard/Debit MasterCard with CDA/DDAand offline PIN—Full Chip Issuer (1)

This Standard Profile is for the issuer of MasterCard cards supporting CDA andDDA and offline PIN in a Full Chip grade host processing environment or theissuer uses one of the appropriate MasterCard on-behalf services.

The card supports offline PIN (enciphered or plain text) which is preferred tosignature, which is preferred to online PIN at the POS. The card will alwaysuse online PIN at ATMs. “No CVM” is also supported. If offline PIN fails or ifPIN entry is bypassed or not possible, the card will try to go online and declinethe transaction if this is not possible.

This profile differs from Profile 22 in that the card supports offline PIN.


NOTE





• Offline enciphered or plain text PIN, if the terminal is able to perform it


• Online PIN for other cases (such as any terminal that does not supportoffline PIN or signature such as certain Cardholder Activated Terminals)








































PayPass





Data Element List







































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online



8C: CDOL1


8D: CDOL2



DDOL 9F49 9F3704





Debit MasterCard































Issuer Action Code—Online 9F0F BC 70 AC 98 00

Issuer Action Code—Default 9F0D BC 50 AC 00 00

CVM List 8E 00000000 00000000 4201 4403 4103 5E034203 1F03





Standard Profiles for MasterCard/Debit MasterCardProfile 22: MasterCard/Debit MasterCard with CDA/DDA and signature—Full Chip Issuer (2)







CDOL 2 8D 91 0A 8A 02 95 05 9F 37 04 9F 4C 08



9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 22: MasterCard/Debit MasterCard with CDA/DDAand signature—Full Chip Issuer (2)

Overview

This Standard Profile is for the issuer of MasterCard cards supporting CDA andDDA and no offline PIN in a Full Chip grade host processing environment orthe issuer uses one of the appropriate MasterCard on-behalf services.


This profile differs from Profile 21 in that off-line PIN is not supported.

The card must be able to operate offline and Lower and Upper Limit parametersare used in risk management to decide whether to accept the transaction offlineor to request an online authorization. The Upper Limits may not normallybe set to zero on a MasterCard product. Internationally, the profile is onlinepreferring. Domestically, the card may be configured as online preferring.



NOTE
























• If the card is a new card the terminal takes no action on this issue.

• If the cardholder verification fails, then the transaction must go online. If itis not possible to go online, then the transaction is rejected.












PayPass







Data Element List



































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online



8C: CDOL1


8D: CDOL2


ICC Public Key Remainder 9F48 Determined by issuer/personalizationsystem

DDOL 9F49 9F3704





Debit MasterCard































Issuer Action Code—Online 9F0F BC 70 8C 98 00

Issuer Action Code—Default 9F0D BC 50 8C 08 00

CVM List 8E 00000000 00000000 4201 5E03 4203 1F03



Standard Profiles for MasterCard/Debit MasterCardProfile 23: MasterCard/Debit MasterCard with SDA and offline PIN—Mag Stripe Grade Issuer where issuer

can interpret TVR/CVR









CDOL 2 8D 91 0A 8A 02 95 05 9F 37 04 9F 4C 08



9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 23: MasterCard/Debit MasterCard with SDA andoffline PIN—Mag Stripe Grade Issuer where issuer caninterpret TVR/CVR

This Standard Profile is for the issuer of MasterCard cards supporting SDA andoffline PIN in a Mag Stripe grade host processing environment. However, theissuer can interpret the TVR and CVR received in authorization messages andtake action accordingly.

The card supports offline PIN (plain text) which is preferred to online PIN,which is preferred to signature at the POS. The card will always use onlinePIN at ATMs. “No CVM” is also supported. If offline PIN fails or if PIN entryis bypassed or not possible, the card will try to go online and decline thetransaction if this is not possible.

This profile differs from profile 24 as the issuer can interpret the TVR and CVRso does not need to decline certain conditions offline.


Standard Profiles for MasterCard/Debit MasterCardProfile 23: MasterCard/Debit MasterCard with SDA and offline PIN—Mag Stripe Grade Issuer where issuercan interpret TVR/CVR


NOTE



The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Offline plain text PIN, if the terminal is able to perform it• Online PIN for other cases (such as any terminal that does not support

offline PIN such as certain Cardholder Activated Terminals)• Signature, if the terminal is able to perform it• No CVM* (no verification of the cardholder), for certain Cardholder

Activated Terminals•











not possible to go online, then the transaction is rejected.




• If SDA fails, then the transaction must go online. If it is not possible to goonline, then the transaction is rejected.























PayPass





Data Element List




































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online











Debit MasterCard


































CVM List 8E 00000000 00000000 4201 4103 4203 5E031F03






M/Chip Lite: 23

M/Chip Select: 2B








9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00



Standard Profiles for MasterCard/Debit MasterCardProfile 24: MasterCard/Debit MasterCard with SDA and offline PIN—Mag Stripe Grade Issuer where issuercannot interpret TVR/CVR (1)

Profile 24: MasterCard/Debit MasterCard with SDA andoffline PIN—Mag Stripe Grade Issuer where issuer cannotinterpret TVR/CVR (1)

This Standard Profile is for the issuer of MasterCard cards supporting SDA andoffline PIN in a Mag Stripe grade host processing environment. The issuercannot interpret the TVR and CVR received in authorization messages and sowill decline offline transactions where offline PIN errors occur.

The card supports offline PIN (plain text) which is preferred to online PIN,which is preferred to signature at the POS. The card will always use online PINat ATMs. “No CVM” is also supported. If offline PIN fails or if PIN entry isbypassed or not possible, the transaction will be declined.

This profile differs from profile 23 as the issuer cannot interpret the TVR andCVR so declines certain conditions offline.


NOTE






• Online PIN for other cases (such as any terminal that does not supportoffline PIN and certain Cardholder Activated Terminals)










cannot interpret TVR/CVR (1)













• If the card is a new card the terminal takes no action on this issue.• If the cardholder verification fails, then the transaction the transaction is


transaction the transaction is rejected offline.• If the PIN is bypassed, then the transaction is rejected offline.• If the PIN pad is not working the terminal takes no action on this issue.• If the terminal erroneously considers the offline PIN to be approved, but it

has not been approved by the card, then the transaction is rejected offline.• If the transaction amount exceeds the terminal floor limit, then the












PayPass





Data Element List




































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online











Debit MasterCard


































CVM List 8E 00000000 00000000 4201 4103 4203 5E031F03






M/Chip Lite: 23

M/Chip Select: 2B








9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00





This Standard Profile is for the issuer of MasterCard cards supporting SDA andoffline PIN in a Mag Stripe grade host processing environment. The issuercannot interpret the TVR and CVR received in authorization messages and sowill decline offline transactions where offline PIN errors occur.

The card supports offline PIN (plain text) which is preferred to signature, whichis preferred to online PIN at the POS. The card will always use online PINat ATMs. “No CVM” is also supported. If offline PIN fails or if PIN entry isbypassed or not possible, the transaction will be declined.

This profile differs from profile 24 as signature is preferred to online PIN.


NOTE































transaction the transaction is rejected offline.• If the PIN is bypassed, then the transaction is rejected offline.• If the PIN pad is not working the terminal takes no action on this issue.• If the terminal erroneously considers the offline PIN to be approved, but it













PayPass





Data Element List

























FCI Issuer Discretionary Data BF0C 9F 4D020Bxx (xx number of recordsfor log file)







DAC: Determined by issuer/personal-ization system




5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online






9F4A: Static Data Authentication TagList





Debit MasterCard


Application Preferred Name 9F12 Presence and value determined byissuer






Upper Consecutive Offline Limit 9F23 Determined by issuer (zero notallowed)




CB Determined by issuer (zero notallowed)






















CVM List 8E 00000000 00000000 4201 4103 5E034203 1F03






M/Chip Lite: 23

M/Chip Select: 2B


CDOL 1 8C M/Chip Lite: 9F 02 06 9F 03 06 9F 1A02 95 05 5F 2A 02 9A 03 9C 01 9F 37 049F 35 01 9F 45 02 9F 34 03



M/Chip Select: 91 0A 8A 02 95 05 9F37 04 9F 4C 08



9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00





This Standard Profile is for the issuer of MasterCard cards supporting SDA andoffline PIN in a Mag Stripe grade host processing environment. The issuercannot interpret the TVR and CVR received in authorization messages but willallow online authorization of transactions where offline PIN errors occur.

The card supports offline PIN (plain text) which is preferred to online PIN,which is preferred to signature at the POS. The card will always use online PINat ATMs. “No CVM” is also supported. In the event of PIN or CVM issues thecard initiates an online authorization or declines the transaction as describedbelow.

This profile differs from profile 24 as the issuer wants to allow CVM fallbackand only decline transactions where CVM processing fails


NOTE






























rejected offline.• If the offline PIN fails (or if the offline PIN try limit is exceeded), then


• If the PIN is bypassed, then the terminal takes no action on this issue.• If the PIN pad is not working the terminal takes no action on this issue.• If the terminal erroneously considers the offline PIN to be approved, but it













PayPass





Data Element List




































5A: Application PAN


8E: CVM List





9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online







Debit MasterCard


































CVM List 8E 00000000 00000000 4201 4103 4203 5E031F03


Card Issuer Action Code—Online C5 0E FB 00




M/Chip Lite: 23

M/Chip Select: 2B










Issuer Authentication Flags (If cardsupports MasterCard AuthenticationSolutions for Chip)

9F55 F0

Issuer Proprietary Bitmap (If cardsupports MasterCard AuthenticationSolutions for Chip)

9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00



This Standard Profile is for the issuer of MasterCard cards supporting SDA andoffline PIN in a Mag Stripe grade host processing environment. The issuercannot interpret the TVR and CVR received in authorization messages but willallow online authorization of transactions where offline PIN errors occur.

The card supports offline PIN (plain text) which is preferred to online PIN,which is preferred to signature at the POS. The card will always use online PINat ATMs. “No CVM” is also supported. In the event of PIN or CVM issues thecard initiates an online authorization or declines the transaction as describedbelow.

This profile differs from profile 26 as signature is preferred to online PIN.


NOTE











• No CVM* (no verification of the cardholder), for certain CardholderActivated Terminals* If this CVM is not successful, then CVM processing has failed.


















rejected offline.• If the offline PIN fails (or if the offline PIN try limit is exceeded), then


• If the PIN is bypassed, then the terminal takes no action on this issue.




• If the terminal erroneously considers the offline PIN to be approved, but ithas not been approved by the card, then the transaction is rejected offline.










PayPass








Data Element List



































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online








Debit MasterCard


































CVM List 8E 00000000 00000000 4201 4103 5E03 42031F03


Card Issuer Action Code—Online C5 0E FB 00




M/Chip Select: 2B



Standard Profiles for MasterCard/Debit MasterCardProfile 28: MasterCard/Debit MasterCard with SDA and signature—Mag Stripe Grade Issuer where issuercannot interpret TVR/CVR (1)








9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 28: MasterCard/Debit MasterCard with SDA andsignature—Mag Stripe Grade Issuer where issuer cannotinterpret TVR/CVR (1)

This Standard Profile is for the issuer of MasterCard cards supporting SDA andno offline PIN in a Mag Stripe grade host processing environment. The issuercannot interpret the TVR and CVR received in authorization messages.

The card does not support offline PIN. online PIN is preferred to signatureat the POS. The card will always use online PIN at ATMs. “No CVM” is alsosupported. If PIN entry is bypassed or CVM processing is unsuccessful, the cardinitiates an online authorization or declines the transaction if this is not possible.

This profile differs from Profile 29 in that online PIN is preferred to signature atthe POS. This profile differs from Profile 30 in that certain transaction errors aredeclined offline.



Standard Profiles for MasterCard/Debit MasterCardProfile 28: MasterCard/Debit MasterCard with SDA and signature—Mag Stripe Grade Issuer where issuer


NOTE



The Cardholder Verification Method list is:• Online PIN, if the terminal is able to perform it• Signature, if the terminal is able to perform it• No CVM* (no verification of the cardholder), for certain Cardholder

Activated Terminals•















is not possible to go online, then the transaction is rejected.





• If the card is a new card the terminal takes no action on this issue.• If the cardholder verification fails, then the transaction is rejected.• If the PIN is bypassed, then the transaction is rejected.• If the PIN pad is not working the terminal takes no action on this issue.• If the transaction amount exceeds the terminal floor limit, then the










PayPass




Cards supporting this profile may optionally support MAS4C (AA4C) by addingthe optional data elements (both IAF and IPB). The CAP Token Validationrequires ATC management and AC validation by the issuer using either a hostedCTVS or delegating the CAP Token validation to a third party, for example:MasterCard On Behalf Service.




Data Element List



































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online








Debit MasterCard


































CVM List 8E 00000000 00000000 4203 5E03 1F03






M/Chip Lite: 23

M/Chip Select: 2B











9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 29: MasterCard/Debit MasterCard with SDA andsignature—Mag Stripe Grade Issuer where issuer cannotinterpret TVR/CVR (2)

This Standard Profile is for the issuer of MasterCard cards supporting SDA andno offline PIN in a Mag Stripe grade host processing environment. The issuercannot interpret the TVR and CVR received in authorization messages.

The card does not support offline PIN. Signature is preferred to online PINat the POS. The card will always use online PIN at ATMs. “No CVM” is alsosupported. If PIN entry is bypassed or CVM processing is unsuccessful, the cardinitiates an online authorization or declines the transaction if this is not possible.



NOTE






The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Signature, if the terminal is able to perform it• Online PIN, if the terminal is able to perform it• No CVM* (no verification of the cardholder), for certain Cardholder





















• If the cardholder verification fails, then the transaction is rejected.

• If the PIN is bypassed, then the transaction is rejected.











PayPass








Data Element List



































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online








Debit MasterCard


































CVM List 8E 00000000 00000000 4201 5E03 4203 1F03






M/Chip Lite: 23

M/Chip Select: 2B



Standard Profiles for MasterCard/Debit MasterCardProfile 30: MasterCard/Debit MasterCard with SDA and signature—Mag Stripe Grade Issuer (3)








9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 30: MasterCard/Debit MasterCard with SDA andsignature—Mag Stripe Grade Issuer (3)

This Standard Profile is for the issuer of MasterCard cards supporting SDA andno offline PIN in a Mag Stripe grade host processing environment.

The card does not support offline PIN. Signature is preferred to online PINat the POS. The card will always use online PIN at ATMs. “No CVM” is alsosupported. If PIN entry is bypassed or CVM processing is unsuccessful, thecard declines the transaction offline.

This profile differs from Profile 29 in that certain transactions errors areauthorized online.


NOTE





The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Signature, if the terminal is able to perform it• Online PIN, if the terminal is able to perform it• No CVM* (no verification of the cardholder), for certain Cardholder






















• If the offline PIN fails (or if the offline PIN try limit is exceeded), thenthe transaction must go online. If it is not possible to go online, then thetransaction is rejected.














PayPass







Data Element List




































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online








Debit MasterCard

































CVM List 8E 00000000 00000000 4201 5E03 4203 1F03










M/Chip Select: 2B








9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 31: MasterCard/Debit MasterCard with SDA andsignature—Mag Stripe Grade Issuer (4)

This Standard Profile is for the issuer of MasterCard cards supporting SDA andno offline PIN in a Mag Stripe grade host processing environment. It includes aspecial setting to require online PIN domestically.

The card does not support offline PIN. Signature is preferred to online PINat the POS internationally. The card will always use online PIN at ATMs.“No CVM” is also supported. If PIN entry is bypassed or CVM processing isunsuccessful, the card declines the transaction offline.

This profile differs from Profile 30 in that domestic transactions require onlinePIN.



The profile is online preferring for international transactions and online onlydomestically. The card must be able to operate offline and Upper Limitparameters are used in risk management to decide whether to accept thetransaction offline if online authorization is not completed. The Upper Limitsmay not normally be set to zero on a MasterCard product.

NOTE



The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Online PIN, if above amount “x”• Signature, if the terminal is able to perform it• Online PIN, if the terminal is able to perform it• No CVM* (no verification of the cardholder), for certain Cardholder






























• If the transaction is international, the card will request that the transactiongo online. If it is not possible to go online, then the transaction is acceptedoffline.

• If the transaction is domestic, the card will request that the transaction goonline. If it is not possible to go online, then the transaction is rejected.

• If the transaction is “unable to go online” the transaction is rejected.

PayPass









Data Element List




































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online








Debit MasterCard

































CVM List 8E 00000001 00000000 4201 4206 5E03 42031F03






M/Chip Select: 2B











9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00






The card must be able to operate offline and Lower and Upper Limit parametersare used in risk management to decide whether to accept the transaction offlineor to request an online authorization. The Upper Limits may not normallybe set to zero on a MasterCard product. Internationally, the card is onlinepreferring. The card may be configured as online preferring domestically also.

NOTE




























• If the PIN pad is not working the terminal takes no action on this issue.• If the transaction amount exceeds the terminal floor limit, then the












PayPass







Data Element List



































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online








Debit MasterCard

































CVM List 8E 00000000 00000000 4201 5E03 4203 1F03







M/Chip Lite: 23

M/Chip Select: 2B











9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00



Chapter 7 Standard Profiles for MasterCard ElectronicThis chapter details the Standard Profiles that are available to an issuer for use with the MasterCardElectronic product.

Profile 51: MasterCard Electronic with no offline CAM and offline PIN—Full Chip Issuer............ 7-1





PayPass.................................................................................................................................... 7-2



Profile 52: MasterCard Electronic with no offline CAM and signature—Full Chip Issuer .............. 7-5





PayPass.................................................................................................................................... 7-6



Profile 53: MasterCard Electronic with DDA and offline PIN—Full Chip Issuer............................ 7-9





PayPass.................................................................................................................................. 7-11




Standard Profiles for MasterCard ElectronicProfile 51: MasterCard Electronic with no offline CAM and offline PIN—Full Chip Issuer

Profile 51: MasterCard Electronic with no offline CAM andoffline PIN—Full Chip Issuer

This Standard Profile is for the issuer of MasterCard Electronic cards supportingoffline PIN in a Full Chip grade host processing environment or the issueruses one of the appropriate MasterCard on-behalf services. The cards willonly approve transactions if they are authorized online. The card does notsupport offline CAM.

The card supports offline PIN (plain text) which is preferred to online PIN,which is preferred to signature at the POS. The card will always use online PINat ATMs. “No CVM” is not supported. If offline PIN fails or if PIN entry isbypassed or not possible, the card will try to go online.

NOTE







• Signature*, if the terminal is able to perform it



The card is valid for any domestic and international usage, including Goods,Services, or Cash. Cash Back is not supported.













• If the transaction is an domestic transaction, then the transaction must goonline. If it is not possible to go online, then the transaction is rejected.

PayPass

PayPass is not supported for MasterCard Electronic Standard Profiles.


Cards supporting this profile may optionally support MAS4C (CAP and AA4C)by adding the optional data elements (IAF and IPB).

Data Element List


























8F N/A

Issuer Public Key Certificate 90 N/A

Issuer Public Key Remainder 92 N/A

Issuer Public Key Exponent 9F32 N/A

Static Data Authentication Tag List 9F4A N/A

Signed Static Application Data 93 N/A




Application Label 50 MC Electronic



Application Usage Control 9F07 FF00





























CVM List 8E 00000000 00000000 4201 4103 4203 1E03






M/Chip Lite: 23

M/Chip Select: 2B



Standard Profiles for MasterCard ElectronicProfile 52: MasterCard Electronic with no offline CAM and signature—Full Chip Issuer








9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 52: MasterCard Electronic with no offline CAM andsignature—Full Chip Issuer

This Standard Profile is for the issuer of MasterCard Electronic cards notsupporting offline PIN in a Full Chip grade host processing environment or theissuer uses one of the appropriate MasterCard on-behalf services. The cardswill only approve transactions if they are authorized online. The card does notsupport offline CAM.

The card supports online PIN, which is preferred to signature at the POS. Thecard will always use online PIN at ATMs. Neither offline PIN nor “No CVM”are supported. If PIN entry is bypassed or not possible, the card will try togo online.

NOTE




• Online PIN, if the terminal is able to perform it









Functions that the card requests:• Terminal Risk Management• Cardholder Verification




The settings for risk management are:• If the transaction is an international transaction, then the transaction must

go online. If it is not possible to go online, then the transaction is rejected.• If the transaction is an domestic transaction, then the transaction must go


PayPass




Data Element List


























8F N/A

Issuer Public Key Certificate 90 N/A

Issuer Public Key Remainder 92 N/A

Issuer Public Key Exponent 9F32 N/A

Static Data Authentication Tag List 9F4A N/A

Signed Static Application Data 93 N/A



































Standard Profiles for MasterCard ElectronicProfile 53: MasterCard Electronic with DDA and offline PIN—Full Chip Issuer



Issuer Action Code—Default 9F0D B0 50 8C 80 00

CVM List 8E 00000000 00000000 4203 1E03






M/Chip Select: 2B








9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 53: MasterCard Electronic with DDA and offlinePIN—Full Chip Issuer

This Standard Profile is for the issuer of MasterCard Electronic cards supportingoffline PIN in a Full Chip grade host processing environment or the issuer usesone of the appropriate MasterCard on-behalf services. The cards will onlyapprove transactions if they are authorized online. The card supports DDA.



The card supports offline PIN (enciphered and plain text) which is preferred toonline PIN, which is preferred to signature at the POS. The card will always useonline PIN at ATMs. “No CVM” is not supported. If offline PIN fails or if PINentry is bypassed or not possible, the card will try to go online.

NOTE





• Offline enciphered or plain text PIN, if the terminal is able to perform it









• DDA








• If the transaction is an domestic transaction, then the transaction must goonline. If it is not possible to go online, then the transaction is rejected.



PayPass



Cards supporting this profile may optionally support MAS4C (CAP and AA4C)by adding the optional data elements (IAF and IPB).

Data Element List




































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online



8C: CDOL1


8D: CDOL2



DDOL 9F49 9F3704







































CVM List 8E 00000000 00000000 4201 4403 4103 42031E03








CDOL 2 8D 91 0A 8A 02 95 05 9F 37 04 9F 4C 08



9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00



Chapter 8 Standard Profiles for PayPassThis chapter details the Standard Profiles that are available to an issuer for the PayPass contactlessinterface. M/Chip 4 is a dual-interface application.

Profiles Overview for PayPass ....................................................................................................... 8-1

Profile 91: Maestro PayPass with CDA .......................................................................................... 8-1

Data Elements for Application Selection.................................................................................. 8-1

Data Elements Referenced in the AFL (PayPass) ..................................................................... 8-2

Mandatory File Structure for PayPass Standard Profiles—SFI 1 ......................................... 8-2




Data Elements that Must Not Be Included......................................................................... 8-4

Get Processing Options Response ........................................................................................... 8-4

Card Risk Management ............................................................................................................ 8-4

Secret Keys .............................................................................................................................. 8-5

Miscellaneous .......................................................................................................................... 8-6

Profile 92: MasterCard/Debit MasterCard PayPass with SDA, signature preferred to onlinePIN................................................................................................................................................. 8-7

Data Elements for Application Selection.................................................................................. 8-7

Data Elements Referenced in the AFL (PayPass) ..................................................................... 8-7



Mandatory File Structure for PayPass Standard Profiles—SFI 3 ....................................... 8-10


Data Elements that Must Not Be Included....................................................................... 8-11

Get Processing Options Response ......................................................................................... 8-11

Card Risk Management .......................................................................................................... 8-11

Secret Keys ............................................................................................................................ 8-12

Miscellaneous ........................................................................................................................ 8-13

Profile 93: MasterCard/Debit MasterCard PayPass with SDA, online PIN preferred tosignature ...................................................................................................................................... 8-13

Data Elements for Application Selection................................................................................ 8-14

Data Elements Referenced in the AFL (PayPass) ................................................................... 8-14




Standard Profiles for PayPass






Secret Keys ............................................................................................................................ 8-19

Miscellaneous ........................................................................................................................ 8-19

Profile 94: MasterCard/Debit MasterCard PayPass with CDA, signature preferred to onlinePIN............................................................................................................................................... 8-20










Secret Keys ............................................................................................................................ 8-26

Miscellaneous ........................................................................................................................ 8-27

Profile 95: MasterCard/Debit MasterCard PayPass with CDA, online PIN preferred to signature.................................................................................................................................................... 8-27










Secret Keys ............................................................................................................................ 8-33

Miscellaneous ........................................................................................................................ 8-34



Profiles Overview for PayPass

Profiles Overview for PayPassDepending on the Standard Profile adopted for the contact interface, one of thestandard profiles for PayPass will apply, according to the following table.

Contact StandardProfile

PayPass StandardProfile

Contact StandardProfile

PayPass StandardProfile

Profile 01 n/a Profile 21 PayPass Profile 94

Profile 02 PayPass Profile 91 Profile 22 PayPass Profile 94











Profile 18 PayPass Profile 94 Profile 51 n/a



Profile 91: Maestro PayPass with CDAThis profile may be used with the contact Standard Profile 02 or 03.

The PayPass interface supports CDA.

Data Elements for Application Selection

Data Element Name Tag Mandatory Values Presence

AID '4F' A0000000043060 M

DF Name '84' A0000000043060 M

Application Label '50' MAESTRO O



Profile 91: Maestro PayPass with CDA


Application PriorityIndicator

'87' Determined by issuer O

Language Preference '5F2D' Determined by issuer O

Issuer Code Table Index '9F11' Determined by issuer O

Application Preferred Name '9F12' Determined by issuer O

FCI Issuer DiscretionaryData

'BF0C' Determined by issuer O

Log Entry '9F4D' Byte 1: Lower bits containthe SFI of the transactionlog file (11) Byte 2:Maximum number ofrecords in the transactionlog file

O

Data Elements Referenced in the AFL (PayPass)

Mandatory File Structure for PayPass Standard Profiles—SFI 1

SFI 1 contains the data objects for PayPass—Mag Stripe transactions. ThePayPass—Mag Stripe profile is not supported for Maestro PayPass.


Mag Stripe Application VersionNumber

9F6C' 'FFFF' M



Track 2 Equivalent Data '57' Determined by issuer M


'5A' Determined by issuer M

Application Expiration Date '5F24' Determined by issuer M

Application Effective Date '5F25' Determined by issuer O

Issuer Country Code '5F28' Determined by issuer M

Application PAN SequenceNumber

'5F34' Determined by issuer M





CDOL1 '8C' 9F 02 06 9F 03 06 9F 1A02 95 05 5F 2A 02 9A 039C 01 9F 37 04 9F 35 019F 45 02 9F 4C 08 9F 3403

M

CDOL2 '8D' 91 0A 8A 02 95 05 9F 3704 9F 4C 08

M

CVM List '8E' 00000000 00000000 1F03 M

Application Usage Control '9F07' 3D00 M

Application Version Number '9F08' 0002 M

Issuer Action Code—Denial '9F0E' 00 00 00 00 00 M

Issuer Action Code—Online '9F0F' B4 70 80 80 00 M

Issuer Action Code—Default '9F0D' B4 50 80 80 00 M

Application Currency Code '9F42' Determined by issuer C

SDA Tag List '9F4A' 82 M


Table 8.1—Record 1 of SFI 3


Certification Authority PublicKey Index

'8F' Determined by issuer M

Issuer Public Key Exponent '9F32' Determined by issuer M

Issuer Public Key Remainder '92' Determined by issuer (Seenote below)

C

Issuer Public Key Certificate '90' Determined by issuer M

NOTE

The Issuer Public Key Remainder is present if NI > (NCA—36).



Signed Static Application Data '93' 'FF' M







ICC Public Key Exponent '9F47' Determined by issuer M

ICC Public Key Remainder '9F48' Determined by issuer (Seenote below)

C

NOTE

The ICC Public Key Remainder is present if NIC > (NI—42).



ICC Public Key Certificate '9F46' Determined by issuer M

Data Elements that Must Not Be Included

The following data element must not be included in the records referencedin the AFL (PayPass).

Data Element Name Tag

Cardholder Name '5F20'

Get Processing Options Response

Table 8.5—Persistent Data Elements for Get Processing Options Response

Data Element Name Tag Mandatory Values

AIP (PayPass) 'D8' 1980

AFL (PayPass) 'D9' 08 01 01 00 10 01 01 01 18 01 02 00 2001 02 00 20 01 02 00 20 01 02 00

Card Risk Management

Unless otherwise indicated, card risk management data elements are sharedbetween the contact and contactless interface and must be configured in thesame way as for the M/Chip 4 application.




Table 8.6—Persistent Data Elements for Card Risk Management


Lower Consecutive OfflineLimit

'9F14' Determined by issuer.

Upper Consecutive OfflineLimit

'9F23' Determined by issuer


'CA' Determined by issuer.


'CB' Determined by issuer

Application Control (PayPass) 'D7' 00 00 80

Card Issuer Action Code(PayPass)—Decline

'CF' 08 00 00

Card Issuer Action Code(PayPass)—Online

'CE' 00 F0 00, or 06 F0 00 for onlinepreferring card

Card Issuer Action Code(PayPass)—Default

'CD' 00 50 00

CDOL1 Related Data Length 'C7' 2B

CRM Country Code 'C8' Same value as Issuer Country Code.

CRM Currency Code 'C9' Same value as Application CurrencyCode

Currency Conversion table 'D1' Determined by issuer (see notebelow)

Additional Check Table 'D3' Not used. Personalized withhexadecimal zeroes

NOTE

The currency code in each entry in the Currency Conversion table must be set to the same valueas the CRM Currency Code.

Secret Keys

The Triple DES keys listed below are derived from their corresponding issuermaster keys using a unique identifier from the card such as the PAN, and areoften referred to as diversified keys.




Table 8.7—Triple DES keys


ICC Dynamic Number MasterKey (MKIDN)

– Determined by issuer

SM for Integrity Master Key(MKSMI)


SM for Confidentiality MasterKey (MKSMC)


AC Master Key (MKAC) – Determined by issuer

ICC Derived Key for CVC3Generation (KDCVC3)

– Not used. Random non-zero valuerecommended

Table 8.8—RSA keys


Length of ICC Public KeyModulus


ICC Private Key – Determined by issuer

Length of ICC PIN EnciphermentPublic Key Modulus


ICC PIN Encipherment PrivateKey


Miscellaneous

Table 8.9—Miscellaneous Persistent Data Elements


Key Derivation Index – Determined by issuer

Application Life Cycle Data '9F7E' Depending on the possible separationof the loading of the application codeand the personalization data, only partof the Application Life Cycle Data maybe personalized

Log Format '9F4F' Content of records in Log of Transactions

Static CVC3TRACK1 'DA' 0000

Static CVC3TRACK2 'DB' 0000



Profile 92: MasterCard/Debit MasterCard PayPass with SDA, signature preferred to online PIN


IVCVC3TRACK1 'DC' 0000

IVCVC3TRACK2 'DD' 0000

Profile 92: MasterCard/Debit MasterCard PayPass withSDA, signature preferred to online PIN

This profile may be used with the contact Standard Profile 11, 13, 15 25, 27,29, 30, or 32.

The PayPass interface supports SDA.



AID '4F' A0000000041010 M

DF Name '84' A0000000041010 M

Application Label '50' MASTERCARD orDebit MasterCard

O

Application Priority Indicator '87' Determined by issuer O




FCI Issuer Discretionary Data 'BF0C' Determined by issuer O

Log Entry '9F4D' Byte 1: Lower bitscontain the SFI of thetransaction log file(11) Byte 2: Maximumnumber of records inthe transaction log file

O



SFI 1 contains the data objects for PayPass—Mag Stripe transactions. ThePayPass—Mag Stripe data objects must always be included in Record 1 of SFI 1.The first four bytes of the AFL (PayPass) must always be equal to '08010100'.




Table 8.10—Record 1, SFI 1



'9F6C' '0001' M

PCVC3TRACK1 '9F62' Determined by issuer (Seenotes C and D below)

M

PUNATCTRACK1 '9F63' Determined by issuer (Seenotes C and E below)

M

Track 1 Data '56' Determined by issuer (Seenotes A and B below)

M

NATCTRACK1 '9F64' Determined by issuer (Seenotes E and F below)

M


M


M

Track 2 Data '9F6B' Determined by issuer(See note B below)

M


M

NOTE

A) The storage of the cardholder name in the Track 1 Data is prohibited by MasterCard. Issuers mustuse a space character followed by the surname separator (" /").

NOTE

B) The placeholders for the dynamic data in the discretionary data, at the positions where thePayPass reader stores the ATC, UN, CVC3 and n<CS.Subscript>UN</CS.Subscript>, should be filledwith zeroes (hexadecimal zeroes ('0') for Track 2 Data and ASCII zeroes ('30') for Track 1 Data). Theleast significant position of the discretionary data is used by the PayPass reader to store nUN. Ifthe issuer intends to use MasterCard On-behalf Service for dynamic CVC3 verification and if thePAN Sequence Number is present in the discretionary data and if the PAN Sequence Number is usedfor the derivation of KDCVC3, then the length of the PAN Sequence Number must be maximum 1significant digit.

NOTE

C) The bit map must only have non-zero bits that refer to available positions in the discretionary datafield of the corresponding Track Data. The least significant bit of the bit map must be set to zero.

NOTE

D) The number of non-zero bits in the bit map must be greater than or equal to 3.




NOTE

E) The number of non-zero bits in PUNATCTRACK1 minus the value of NATCTRACK1 must be greater thanor equal to zero, less than or equal to 8 and equal to the number of non-zero bits in PUNATCTRACK2minus the value of NATCTRACK2.

NOTE

F) If the issuer intends to make use of the MasterCard on-behalf Service for dynamic CVC3verification, then the value of NATCTRACK1 and the value of NATCTRACK2 must be greater than or equalto 3 for the CVC3 Validation in Stand-in Service or greater than or equal to 2 for the Dynamic CVC3Pre-validation Service or the PayPass Mapping Service (processing only option).




Track-2 Equivalent Data '57' Determined by issuer(See note A below)

M








CDOL1 '8C' M/Chip Lite: 9F 02 06 9F03 06 9F 1A 02 95 05 5F2A 02 9A 03 9C 01 9F 3704 9F 35 01 9F 45 02 9F34 03

M/Chip Select: 9F 02 069F 03 06 9F 1A 02 95 055F 2A 02 9A 03 9C 01 9F37 04 9F 35 01 9F 45 029F 4C 08 9F 34 03

M

CDOL2 '8D' M/Chip Lite: 91 0A 8A02 95 05

M/Chip Select: 91 0A 8A02 95 05 9F 37 04 9F 4C08

M

CVM List '8E' 00000000 00000000 5E034203 1F03

M








Issuer Action Code—Online '9F0F' F0 70 84 80 00 M

Issuer Action Code—Default '9F0D' F0 50 84 00 00 M



NOTE

A) An issuer that supports online PIN change using the PVV on the Track 2 Equivalent Data mustnot include the Track 2 Equivalent Data in a record used as input for static data authentication. Inthis case, the standard profile cannot be used.







Issuer Public Key Remainder '92' Determined by issuer(See note below)

C


NOTE




Signed Static Application Data '93' Determined by issuer M


SFI 4 is only present when CDA is supported and is not used in this profile.






Table 8.14—Data Elements that Must Not Be Included






AFL (PayPass) 'D9' 08 01 01 00 10 01 01 01 18 01 02 00






Lower Consecutive Offline Limit '9F14' Determined by issuer

Upper Consecutive Offline Limit '9F23' Determined by issuer

Lower Cumulative OfflineTransactionAmount

'CA' Determined by issuer





'CF' 08 00 00








'CD' 00 50 00

CDOL1 Related Data Length 'C7' M/Chip Lite: 23

M/Chip Select: 2B

CRM Country Code 'C8' Same value as Issuer Country Code


Currency Conversion table 'D1' Determined by issuer (See note below)


NOTE


Secret Keys


Table 8.17—Triple DES Keys













Profile 93: MasterCard/Debit MasterCard PayPass with SDA, online PIN preferred to signature

Miscellaneous




Application Life Cycle Data '9F7E' Depending on the possible separationbetween the loading of the applicationcode and the personalization data on thehardware, only part of the ApplicationLife Cycle Data may be personalized

Log Format '9F4F' The content of records in the Log ofTransactions

Static CVC3TRACK1 'DA' '0000'

Static CVC3TRACK2 'DB' '0000'

IVCVC3TRACK1 'DC' Determined by issuer (See notes A andB below)

IVCVC3TRACK2 'DD' Determined by issuer (See notes A andB below)

NOTE

A) MasterCard strongly recommends to use for IVCVC3TRACK1 the two least significant bytes of theresult of a MAC over the Track 1 Data as stored in Record 1, SFI 1. In the same way IVCVC3TRACK2should be the two least significant bytes of the result of a MAC calculated over the Track 2 Dataas stored in Record 1, SFI 1.

If the issuer intends to use MasterCard On-behalf Service for dynamic CVC3 verification, then forIVCVC3 generation the placeholders for the dynamic data in the discretionary data of Track 1 Dataand Track 2 Data, at the positions where the PayPass reader stores the ATC, UN, CVC3 and nUN, mustbe filled with zeroes (hexadecimal zeroes for Track 2 Data and ASCII zeroes ('30') for Track 1 Data).

NOTE

B) MasterCard strongly recommends to use for IVCVC3 generation the ISO/IEC 9797-1 MACalgorithm 3 with DES block cipher and an initial vector of zero (8 bytes). If the issuer intends to useMasterCard On-behalf Service for dynamic CVC3 verification, then this algorithm must be used.

Profile 93: MasterCard/Debit MasterCard PayPass withSDA, online PIN preferred to signature

This profile may be used with the contact Standard Profile 12, 14, 23, 24, 26,28, or 31.

The PayPass interface supports SDA.






AID '4F' A0000000041010 M

DF Name '84' A0000000041010 M


O







O







'9F6C' '0001' M


M


M


M


M






M


M


M


M

NOTE


NOTE

B) The placeholders for the dynamic data in the discretionary data, at the positions where thePayPass reader stores the ATC, UN, CVC3 and nUN, should be filled with zeroes (hexadecimal zeroes('0') for Track 2 Data and ASCII zeroes ('30') for Track 1 Data). The least significant position of thediscretionary data is used by the PayPass reader to store nUN. If the issuer intends to use MasterCardOn-behalf Service for dynamic CVC3 verification and if the PAN Sequence Number is present in thediscretionary data and if the PAN Sequence Number is used for the derivation of KDCVC3, then thelength of the PAN Sequence Number must be maximum 1 significant digit.

NOTE


NOTE


NOTE


NOTE

F) If the issuer intends to use MasterCard On-behalf Service for dynamic CVC3 verification, then thevalue of NATCTRACK1 and the value of NATCTRACK2 must be greater than or equal to 3 for the CVC3Validation in Stand-in Service or greater than or equal to 2 for the Dynamic CVC3 Pre-validationService or the PayPass Mapping Service (processing only option).








M








CDOL1 '8C' M/Chip Lite: 9F 02 06 9F03 06 9F 1A 02 95 05 5F2A 02 9A 03 9C 01 9F 3704 9F 35 01 9F 45 02 9F34 03

M/Chip Select: 9F 02 069F 03 06 9F 1A 02 95 055F 2A 02 9A 03 9C 01 9F37 04 9F 35 01 9F 45 029F 4C 08 9F 34 03

M

CDOL2 '8D' M/Chip Lite: 91 0A 8A02 95 05

M/Chip Select: 91 0A 8A02 95 05 9F 37 04 9F 4C08

M

CVM List '8E' 00000000 00000000 42035E03 1F03

M











NOTE









C


NOTE






SFI 4 is only present when CDA is supported and is not used in this profile.



Table 8.23—Data Elements that Must Not Be Included









AFL (PayPass) 'D9' 08 01 01 00 10 01 01 01 18 01 02 00














'CF' 08 00 00




'CD' 00 50 00

CDOL1 Related Data Length 'C7' M/Chip Lite: 23

M/Chip Select: 2B








NOTE


Secret Keys













Miscellaneous










Profile 94: MasterCard/Debit MasterCard PayPass with CDA, signature preferred to online PIN




NOTE



NOTE


Profile 94: MasterCard/Debit MasterCard PayPass withCDA, signature preferred to online PIN

This profile may be used with the contact Standard Profile 16, 18, 20, 21 or 22.




AID '4F' A0000000041010 M

DF Name '84' A0000000041010 M


O











O







'9F6C' '0001' M


M


M


M


M


M


M


M


M




NOTE


NOTE


NOTE


NOTE


NOTE


NOTE

If the issuer intends to use MasterCard On-behalf Service for dynamic CVC3 verification, then thevalue of NATCTRACK1 and the value of NATCTRACK2 must be greater than or equal to 3 for the CVC3Validation in Stand-in Service or greater than or equal to 2 for the Dynamic CVC3 Pre-validationService or the PayPass Mapping Service (processing only option).





M













M

CDOL2 '8D' 91 0A 8A 02 95 05 9F 3704 9F 4C 08

M

CVM List '8E' 00000000 00000000 5E034203 1F03

M








NOTE









C





NOTE






SFI 4 is only present when CDA is supported (AIP (PayPass)[1][7] = 1).




ICC Public Key Remainder '9F48' Determined by issuer(See note below)

C

NOTE







Table 8.34—Data Element that Must Not Be Included









AFL (PayPass) 'D9' 08 01 01 00 10 01 01 01 18 01 02 00 2001 02 00














'CF' 08 00 00




'CD' 00 50 00





Additional Check Table 'D3' Not used. Personalized withhexadecimal zeroes.




NOTE


Secret Keys













Table 8.38—RSA Keys





Length of ICC PIN EnciphermentPublic Key Modulus






Profile 95: MasterCard/Debit MasterCard PayPass with CDA, online PIN preferred to signature

Miscellaneous










NOTE



NOTE


Profile 95: MasterCard/Debit MasterCard PayPass withCDA, online PIN preferred to signature

This profile may be used with the contact Standard Profile 17 or 19.







AID '4F' A0000000041010 M

DF Name '84' A0000000041010 M


O







O







'9F6C' '0001' M


M


M


M


M






M


M


M


M

NOTE


NOTE


NOTE


NOTE


NOTE


NOTE

F) If the issuer intends to use MasterCard On-behalf Service for dynamic CVC3 verification, then thevalue of NATCTRACK1 and the value of NATCTRACK2 must be greater than or equal to 3 for the CVC3Validation in Stand-in Service or greater than or equal to 2 for the Dynamic CVC3 Pre-validationService or the PayPass Mapping Service (processing only option).








M









M

CDOL2 '8D' 91 0A 8A 02 95 05 9F 3704 9F 4C 08

M

CVM List '8E' 00000000 00000000 42035E03 1F03

M








NOTE












C


NOTE






SFI 4SFI 4 is only present when CDA is supported (AIP (PayPass)[1][7] = 1).




ICC Public Key Remainder '9F48' Determined by issuer(See note below)

C

NOTE










Table 8.46—Data Element that Must Not Be Included






AFL (PayPass) 'D9' 08 01 01 00 10 01 01 01 18 01 02 00 2001 02 00














'CF' 08 00 00








'CD' 00 50 00






NOTE


Secret Keys
















Table 8.50—RSA Keys





Length of ICC PINEncipherment Public KeyModulus




Miscellaneous




Application Life Cycle Data '9F7E' Depending on the possible separationbetween the loading of the applicationcode and the personalization data on thehardware, only part of the ApplicationLife Cycle Data may be personalized.






NOTE






NOTE



Appendix A Supplementary Data Elements per CardVersion

This appendix describes the supplementary data that you need to personalize in M/Chip 4 cards.Some data is specific to the version of the M/Chip specification that you are using.

Counter Limits and Previous Transaction.......................................................................................A-1

Counters and Data Elements with a Fixed Initial Value .................................................................A-1

©2010 MasterCardM/Chip Card Personalization Standard Profiles (Including PayPass) • 19 February 2010 A-i

Supplementary Data Elements per Card Version

Counter Limits and Previous Transaction

Counter Limits and Previous TransactionData Element Name Tag Recommended Values

Application Transaction Counter Limit 4E 20

Previous Transaction History 00 or 08

Bad Cryptogram Counter Limit 04 00

MAC in Script Counter Limit 0F (See note A below)

Global MAC in Script Counter Limit 00 4E 20 (See note A below)

AC Session Key Counter Limit 04 00 (See note B and C below)

SMI Session Key Counter Limit 04 00 (See note B below)

CFDC limit for Integrity Session Key 02 00 (See note A below)

CFDC limit for Confidentiality Session Key 02 00 (See note A below)

CFDC limit for AC Session Key 02 00 (See note A below)

NOTE

A) M/Chip 4 Version 1.1a only

NOTE

B) M/Chip 4 Version 1.1b only

NOTE

C) If a magnetic stripe grade profile is used for the contact interface or the card is being used forMasterCard Authentication Solutions for Chip, then the AC Session Key Counter Limit must be set tothe same value as the Application Transaction Counter Limit ('4E20').

Counters and Data Elements with a Fixed Initial ValueData Element Name Tag Recommended Values

Cumulative Offline Transaction Amount 00 00 00 00 00 00

Consecutive Offline Transactions Number 00

Script Counter '9F5F' 00

Log of The Current Transaction x (x=1...10 or more) 00…00

Application Transaction Counter '9F36' 0000

Global MAC in Script Counter 000000 (See note A)

AC Session Key Counter 0000 (See note B)

©2010 MasterCardM/Chip Card Personalization Standard Profiles (Including PayPass) • 19 February 2010 A-1

Supplementary Data Elements per Card Version

Counters and Data Elements with a Fixed Initial Value

Data Element Name Tag Recommended Values

SMI Session Key Counter 0000 (See note B)

Bad Cryptogram Counter 0000

Security Limits Status 'DF02' 00 (See note B)

NOTE

A) M/Chip 4 Version 1.1a only

NOTE

B) M/Chip 4 Version 1.1b only

©2010 MasterCardA-2 19 February 2010 • M/Chip Card Personalization Standard Profiles (Including PayPass)

Documents

Chip Standard Profiles