Terminal Type Approval Contact Level 2 - EMV


EMV Terminal Type Approval
Contact Level 2
Administrative Process
Version 2.6
February, 2017

© 2017 EMVCo, LLC. All rights reserved. Reproduction, distribution and other use of this document is permitted only pursuant to the applicable agreement between the user and EMVCo found at www.emvco.com. EMV is a registered trademark or trademark of EMVCo, LLC in the United States and other countries.

Legal Notice

This document summarizes EMVCo’s present plans for evaluation services and related policies and is subject to change by EMVCo at any time. This document does not create any binding obligations upon EMVCo or any third party regarding the subject matter of this document, which obligations will exist, if at all, only to the extent set forth in separate written agreements executed by EMVCo or such third parties. In the absence of such a written agreement, no product provider, test laboratory or any other third party should rely on this document, and EMVCo shall not be liable for any such reliance.

No product provider, test laboratory or other third party may refer to a product, service or facility as EMVCo approved, in form or in substance, nor otherwise state or imply that EMVCo (or any agent of EMVCo) has in whole or part approved a product provider, test laboratory or other third party or its products, services, or facilities, except to the extent and subject to the terms, conditions and restrictions expressly set forth in a written agreement with EMVCo, or in an approval letter, compliance certificate or similar document issued by EMVCo. All other references to EMVCo approval are strictly prohibited by EMVCo.

Under no circumstances should EMVCo approvals, when granted, be construed to imply any endorsement or warranty regarding the security, functionality, quality, or performance of any particular product or service, and no party shall state or imply anything to the contrary. EMVCo specifically disclaims any and all representations and warranties with respect to products that have received evaluations or approvals, and to the evaluation process generally, including, without limitation, any implied warranties of merchantability, fitness for purpose or non-infringement. All warranties, rights and remedies relating to products and services that have undergone evaluation by EMVCo are provided solely by the parties selling or otherwise providing such products or services, and not by EMVCo, and EMVCo will have no liability whatsoever in connection with such products and services.

This document is provided "AS IS" without warranties of any kind, and EMVCo neither assumes nor accepts any liability for any errors or omissions contained in this document. EMVCO DISCLAIMS ALL REPRESENTATIONS AND WARRANTIES, EXPRESS [...]IES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NONINFRINGEMENT, AS TO THIS DOCUMENT.

EMVCo makes no representations or warranties with respect to intellectual property rights of any third parties in or in relation to this document. EMVCo undertakes no responsibility to determine whether any implementation of this document may violate, infringe, or otherwise exercise the patent, copyright, trademark, trade secret, know-how, or other intellectual property rights of third parties, and thus any person who implements any part of this document should consult an intellectual property attorney before any such implementation.

Without limiting the foregoing, this document may provide for the use of public key encryption and other technology, which may be the subject matter of patents in several countries. Any party seeking to implement this document is solely responsible for determining whether its activities require a license to any such technology, including for patents on public key encryption technology. EMVCo shall not be liable under any theory for any party's infringement of any intellectual property rights in connection with this document.

Revision Log – Version 2.6

The following changes have been made to the document since the publication of Version 2.5. Some of the numbering and cross references in this version have been updated to reflect changes introduced by the published bulletins. The numbering of existing requirements did not change, unless explicitly stated otherwise.

Section | Reason for change
2.12 | ICS replacement rules
- | Sample retention rule change
2.10 | Application Kernel portability when platform dependencies exist
2.5.3 | Clarification that Baseline configuration is the configuration with the most activated options
- | Renewal testing limited to delta testing (no more regression testing)
2.7.6 | Clarification of Internal PIN Pad submission
2.11.1 | Test Template usage clarification for MCK submission
4.2.3 | Sample Management
4.2.4 | Clarification of ATM case when sample cannot be in Laboratory premises

Contents

1 INTRODUCTION
  1.1 AUDIENCE
  1.2 NORMATIVE REFERENCES
    1.2.1 Normative references
    1.2.2 EMV Specifications
  1.3 DEFINITIONS
  1.4 NOTATIONAL CONVENTIONS
    1.4.1 Abbreviations
    1.4.2 Terminology & conventions
2 TYPE APPROVAL OVERVIEW
  2.1 SCOPE OF CONTACT TYPE APPROVAL LEVEL 2
  2.2 TYPE APPROVAL DOCUMENTATION
  2.3 EMV LEVEL 2 APPLICATION SOFTWARE APPROVAL
    2.3.1 EMV Application Kernel
    2.3.2 EMV Application Kernel - Level 2 Approval Prerequisites
    2.3.3 Terminal and EMV Application Kernel Relationships
    2.3.4 Case of Virtual Machine identified as Operating System
  2.4 LEVEL 2 TYPE APPROVAL LIFE CYCLE CONCEPT
    2.4.1 EMV Life Cycle and Type Approval Milestones
    2.4.2 Design and Debugging Phase
    2.4.3 Application Kernel Type Approval Phase
    2.4.4 Application Kernel Approval:
    2.4.5 Level 2 Application Software Approval Resubmission Phase
    2.4.6 End of Design Life
  2.5 EMV LEVEL 2 CONFIGURABLE APPLICATION KERNEL TESTING
    2.5.1 Prerequisites – Configurable Application Kernel
    2.5.2 Configurable Application Kernel - Additional Prerequisites
    2.5.3 Initial submission - Configurable Application Kernel
    2.5.4 Resubmission – Configurable Application Kernel
    2.5.5 General rules concerning Configurable Application Kernels
  2.6 SPLIT APPLICATION KERNEL TESTING
    2.6.1 Resubmission – Sub Component Change Process
    2.6.2 Case of change of a transparent sub component
  2.7 APPLICATION KERNEL TESTING WITH MULTIPLE PIN PAD SUPPORT
    2.7.1 PIN Pad and Application Kernel relationship - Prerequisites
    2.7.2 PIN Pad Change Process - Additional Prerequisites
    2.7.3 Initial submission - PIN Pad Change Process
    2.7.4 Resubmission – PIN Pad Change Process
    2.7.5 Case of single External PIN Pad
    2.7.6 Case of Internal PIN Pad
    2.7.7 Case of PIN Pad without EMV function on board (transparent PIN Pad)
  2.8 MERGING CONFIGURABLE KERNEL PROCESS AND MULTIPLE PIN PAD PROCESS
    2.8.1 Prerequisites
    2.8.2 Initial submission
    2.8.3 Resubmission
    2.8.4 General rule
  2.9 APPLICATION KERNEL TESTING WITH MULTIPLE OPERATING SYSTEM SUPPORT
    2.9.1 Prerequisites
    2.9.2 Initial submission
    2.9.3 Resubmission
  2.10 APPLICATION KERNEL WITH PLATFORM DEPENDENCIES: MULTIPLE PLATFORM SUBMISSION
    2.10.1 Initial submission
    2.10.2 Resubmission – New Terminal having the same platform dependencies
  2.11 APPLICATION KERNEL TESTING SUMMARY
    2.11.1 EMVCo terminal type approval testing structure
    2.11.1 Templates usage
  2.12 ICS SUBMISSION RULES
    2.12.1 ICS Submission
    2.12.2 ICS replacement
  2.13 EMVCO TERMINAL TYPE APPROVAL FEE STRUCTURE
  2.14 INTEGRATED POINT OF SALE
3 ROLES & RESPONSIBILITIES
  3.1 EMVCO
  3.2 EMVCO TYPE APPROVAL SECRETARIAT (CATA)
  3.3 AUDITORS
  3.4 EMVCO ACCREDITED LABORATORIES
4 TYPE APPROVAL PROCEDURES
  4.1 REGISTRATION
    4.1.1 Contract with EMVCo
  4.2 APPLICATION PROVIDER AND LABORATORY OPERATIONS
    4.2.1 Contracts between Laboratories and Vendors
    4.2.2 Type Approval Test Report
    4.2.3 Samples Management
    4.2.4 Case of samples not transferrable into Laboratory premises
  4.3 APPLICATION PROVIDER PREPARATION FOR APPROVAL REQUEST
  4.4 APPLICATION PROVIDER DOSSIER
  4.5 EMVCO REVIEW AND APPROVAL
  4.6 APPROVAL WITH CONDITIONS
  4.7 TYPE APPROVAL RENEWAL PROCESS
    4.7.1 Basic Policy
    4.7.2 Renewal Process – Configurable Application Kernel
    4.7.3 Renewal Process – Multiple PINPads
    4.7.4 Renewal Process – Multiple Operating System
    4.7.5 Labs for Renewal testing
    4.7.6 Samples submission
    4.7.7 ICS Submission
5 TEST VERSION AND SPECIFICATION CHANGE
  5.1 TEST CHANGES WITHOUT SPECIFICATION UPDATE AND APPLICATION NOTE
  5.2 TEST CHANGES DUE TO SPECIFICATION UPDATE AND APPLICATION NOTE
  5.3 TESTING APPLICABILITY
6 APPLICATION KERNEL CHANGES
7 CHANGE IN CONTACT INFORMATION
8 APPENDIX A: FINDING THE FORMS
9 APPENDIX B: CHECKSUM RULES

1 Introduction

EMVCo, LLC (“EMVCo”) manages and maintains the EMV Integrated Circuit Card (ICC) Specifications for Payment Systems, hereinafter called the EMV Specifications.

EMVCo established the terminal type approval process to create a limited mechanism to test compliance with the EMV Specifications. Type Approval provides an increased level of confidence that interoperability and consistent logical behavior between compliant applications have been achieved.

EMVCo type approval testing is divided into two levels. The Level 1 type approval process tests compliance with electromechanical characteristics, logical interface, and transmission protocol requirements defined in part I of the EMV Specifications. Level 2 type approval tests compliance with debit/credit application requirements defined in the remainder of the EMV Specifications.

This document describes the administrative process used to have card acceptance devices (terminals) tested for compliance with EMV level 2 requirements. The document outlines the fundamental concepts upon which EMV type approval is based, provides a summary of participating entities and their respective roles, and the detailed procedures by which a software provider can obtain EMVCo terminal level 2 type approval.

1.1 Audience

The target audience of this document is:

Application Providers
Laboratory (accredited to perform the type approval tests)
Auditors (qualified to verify that laboratories comply with the EMVCo processes and procedures)

Readers are reminded that type approval, when granted by EMVCo, shall not be construed as a warranty or representation of any sort, nor may it be relied upon by any party as an assurance of quality or functionality of any product or service. Please note the details of the legal notice incorporated in the front of this document for important limitations on the scope of type approval.

1.2 Normative References

The following standards contain provisions that are referenced in this specification. The latest version including all published amendments shall apply unless a publication date is explicitly stated.

1.2.1 Normative references

Ref. | Document Identity | Document Title | Version | Doc. Date
ISO 9001/2 | ISO 9001/2 | Quality Requirements | 2nd edition | 1994
ISO 10011 | ISO 10011 | Guidelines for Auditing Quality Systems — Part 1: Auditing | 1993 | August 1993
ISO/IEC | ISO/IEC Guide 2 | General Terms and Their Definitions Concerning Standardization and Related Activities | 6th edition | 1991
ISO DIS | tories/ | General Requirements for the Competence of Testing and Calibration Laboratories Assurance | |

1.2.2 EMV Specifications

EMVCo, LLC (EMVCo) manages and maintains the EMV Integrated Circuit Card (ICC) Specifications for Payment Systems and related specifications. As used in this document, “EMV Specifications” denotes all documents listed in Table 2-1.

EMV Specifications are publicly available on the EMVCo website: www.emvco.com.

Table 1-2: EMV Specifications

Document Title | Version
EMV 4.2 ICC Specification for Payment Systems |
Card Specification | Version 4.3, June 2011
Terminal Specification | Version 4.3, June 2011
Application Specification | Version 4.3, June 2011
All applicable Specification Updates and Application Notes to the documents above as published on the EMVCo website | As identified on the EMVCo website
EMVCo Type Approval – Terminal Level 2 |
Test Cases | Latest version available
EMV Terminal Type Approval Bulletin 185 | Latest version available

1.3 Definitions

The following terms are used in this specification:

Table 1.4: List of terms

Accreditation: formal recognition by EMVCo that an auditor or testing laboratory is competent to carry out specific functions as defined by EMVCo type approval procedures.

Answer to reset (ATR): string of bytes sent by the ICC in response to the reset by the terminal. These bytes convey information to the terminal that defines certain characteristics of the communication to be established between the ICC and the terminal.

Application protocol data unit (APDU): a message sent from the IFD to the card or conversely. It may contain either a command message or a response message.

Auditor: independent, impartial entity that verifies test laboratory conformance to EMVCo-defined type approval procedures.

Baseline: For kernels capable of supporting multiple configurations, the baseline is the primary configuration that will be fully tested during the type approval process. The baseline shall be the configuration with the most options enabled by default.

Card: a payment card as defined by a payment system.

Checksum: A vendor-generated value (minimum 4 bytes) for each application kernel and configuration. The checksum must be a unique value for each application kernel, derived from the entire application kernel and any files associated. Another checksum must also be unique for each configuration (in case of multiple configuration kernel) with the configuration features. The method or algorithm used for generating the checksum is left to the discretion of the vendor. For example, a vendor may choose to implement SHA-1 or CRC. These values shall be retrievable for each Application Kernel, Software Module or External Library when used by the Application kernel, for comparative purposes. Refer to annex B for more detail on Checksum defined rules. This checksum requirement applies to static kernels, configurable kernels, and the PIN pad change process. EMVCo expects the checksum will provide a validation that a kernel application remains unchanged from the test state through deployment.

Command: a message that is sent by the terminal to the ICC to initiate an action and solicit a response from the ICC.

Compliance: see conformance

Conformance: meeting all the requirements including implemented optional requirements

Delta Testing: the difference between the test plan versions the product was approved against versus the current version of the test plan when the product is reaching its Renewal date

Device under test (DUT): system, module, part, or component actually tested or to be tested.

Embossing: characters raised in relation to the front surface of a card.

EMVCo: a Limited Liability Company established to maintain the EMV specifications and administer type approval against those specifications.

EMV application kernel: a software module, core, or library, forming part of an overall terminal application architecture, developed for exclusive support of the EMV debit/credit functions and application requirements.

Function: a process accomplished by one or more commands and resultant actions that are used to perform all or part of a transaction.

Implementation conformance statement (ICS): a form completed by the EMV application provider listing all optional functions - as specified in the reference specification - supported in the EMV application kernel.

Implementation under test (IUT): a virtual or abstract device, implementing the EMV specification, to be submitted for testing

Integrated circuit card (ICC): a card into which one or more integrated circuits are inserted to perform processing and memory functions.

Integrated circuit(s): electronic component(s) designed to perform processing and/or memory functions.

Interface device (IFD): part of a terminal into which the ICC is inserted, including such mechanical and electrical devices that may be considered part of it.

Interface module (IFM): a virtual or abstract device that contains the necessary hardware and software to power the ICC and to support communication between the terminal and the ICC up to the transport layer. The three main functional components are the mechanical, electrical and logical ICC interfaces

IFM interoperability: The minimum requirements as defined in EMV Specification permitting the ICC and the IFM to communicate with each other in a predictable and consistent manner.

International Organization for Standardization (ISO): an international body that provides standards for financial transactions and telecommunication messages. ISO works in conjunction with the International Telecommunication Union (ITU) for standards that affect telecommunications. ISO supports specific technical committees and work groups to promulgate and maintain financial service industry standards

Laboratory: a facility that performs type approval testing in compliance with EMVCo defined requirements and procedures.

Letter of accreditation: written statement that confirms a testing laboratory is performing type approval tests in conformance with the rules defined by EMVCo.

Letter of approval: written statement that documents the decision of EMVCo that a specified product type has demonstrated sufficient conformance to the EMV Specification on the date of it being tested.

Level 1 test: the execution of a defined set of electrical, mechanical, and communication protocol tests versus requirements described in part 1 of the EMV 2000 Integrated Circuit Card Specification for Payment Systems.

Magnetic stripe: the stripe on the physical card containing magnetically encoded information.

Major modification: technical change to or addition to the EMV application kernel that implies that the application provider cannot guarantee continued conformance of the modified EMV application kernel with the requirements of the EMV specifications.

Message: a string of bytes sent by the terminal to the card or vice versa, excluding transmission-control characters.

Minor modification: technical change to the functionality of the EMV application kernel that does not affect the functionality of the application kernel with respect to the requirements of the EMV specifications.

Multiple Configuration Kernel: an application kernel capable of supporting multiple pre-defined functional configurations without requiring major modifications
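The Checksum definition above asks for one value per application kernel (covering the kernel and its associated files) and a separate value per configuration, so that a deployed unit can be compared with the tested state. The following is an added example, not part of the EMVCo document: it assumes SHA-256 as the vendor-chosen algorithm, hypothetical file and feature names, and does not reflect the Annex B rules, which are not reproduced on this page.

```python
import hashlib

MIN_CHECKSUM_BYTES = 4  # minimum length stated in the Checksum definition


def _digest(records):
    """SHA-256 over length-prefixed (name, value) records in sorted order."""
    h = hashlib.sha256()
    for name, value in sorted(records):
        for part in (name.encode("utf-8"), value):
            h.update(len(part).to_bytes(8, "big"))  # unambiguous framing
            h.update(part)
    return h.digest()


def kernel_checksum(files):
    """Checksum over the entire kernel: every file path and its content."""
    return _digest(files.items())


def config_checksum(features):
    """Checksum over one configuration's feature settings."""
    return _digest((k, b"\x01" if v else b"\x00") for k, v in features.items())


def build_record(files, configs):
    """Record taken at test time: kernel checksum plus one per configuration."""
    record = {"kernel": kernel_checksum(files),
              "configs": {n: config_checksum(f) for n, f in configs.items()}}
    sums = list(record["configs"].values())
    if len(set(sums)) != len(sums):
        raise ValueError("two configurations share a checksum")
    if any(len(s) < MIN_CHECKSUM_BYTES for s in sums + [record["kernel"]]):
        raise ValueError("checksum shorter than 4 bytes")
    return record


def compare(record, files, config_name, features):
    """Return the differences between a deployed unit and the test record."""
    diffs = []
    if kernel_checksum(files) != record["kernel"]:
        diffs.append("kernel")
    expected = record["configs"].get(config_name)
    if expected is None:
        diffs.append("unknown configuration")
    elif config_checksum(features) != expected:
        diffs.append("configuration")
    return diffs


# Constructed sample data (hypothetical file names and feature names).
TESTED_FILES = {"kernel.bin": b"\x7fKRN" + bytes(64), "caps.dat": b"AID-list-v1"}
TESTED_CONFIGS = {
    "baseline": {"offline_pin": True, "cda": True, "cashback": True},
    "attended_no_cashback": {"offline_pin": True, "cda": True, "cashback": False},
}
RECORD = build_record(TESTED_FILES, TESTED_CONFIGS)
```

A CRC, which the definition also permits, detects accidental change only; a cryptographic hash is needed when the comparison must also resist deliberate modification.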
