We use cookies on this website
Cookies improve how our website works and how it is used, so that we can continue to improve the site. For more information see our cookie policy.
By using this website you are agreeing to our use of cookies.
- What is EMV? >
- World of Contactless >
- EMV Discover Contactless Transaction Flow
Discover
Contactless Discover transactions can be performed in both EMV mode and Magnetic Stripe Mode. Discover’s EMV mode is referred to as D-PAS and the D-PAS specifications also contain support for Magnetic Stripe mode transactions referred to as D-PAS MS mode. There is also an older Discover standard known as ZIP, which is a legacy Magnetic-Stripe Mode specification. Terminals can be certified as either D-PAS or ZIP, but any D-PAS compliant terminal must be capable of also accepting ZIP compliant cards.
The first APDU issued by the Discover Kernel is a Get Processing Options command. To optimise the number of APDU commands that need to be exchanged with the contactless card, the Get Processing Options response may also contain many of the other data items that are required to process the transaction.
In some cases it may not be necessary to perform any other APDU commands after the Get Processing Options response has been received. If not all the required data has yet been received then the kernel will be required to issue Read Record commands to retrieve the remaining data. After that has been performed, the card exchanges have been completed and the card can be removed from the RF field.
EMV Mode (D-PAS)
D-PAS EMV mode takes priority over both Magnetic-Stripe Modes in situations where it is simultaneously supported by the reader and card, and the conditions within the Get Processing Options step are met.
The D-PAS configuration includes support for offline and online capabilities. If the transaction is offline and is in EMV mode then it is mandatory to perform CDA as the method of Offline Data Authentication. CDA is not performed for transactions that will be sent online for authorisation but the card will return an Application Cryptogram in these cases to allow the issuer to perform Online Data Authentication. Additional checks such as Cardholder Verification – including the usage of CDCVM on consumer devices – and Processing Restrictions are also performed.
Mag-Stripe Mode (D-PAS MS and ZIP)
Both D-PAS MS mode and ZIP configurations of Discover support the generation of Track 1 and Track 2 equivalent data for use in online authorisation messages. However, to ensure that card details cannot be cloned – by ensuring that the data changes every transaction – all the track equivalent data will also contain a Dynamic Card Verification Value (DCVV) and a terminal-generated unpredictable number.
Transaction Flow Chart
Contactless Steps |
Process Description |
| Entry Point Processing (Mandatory) |
For more information on this processing refer to the section about Entry Point Processing. |
| Initiate Application Processing (Mandatory) |
The kernel issues a Get Processing Options command and performs a number of checks for data elements returned by the card, to ensure that all required data elements are present and well formatted. At this stage, if it is an EMV transaction, the kernel will check to see if an Offline Balance is present on the card. |
| Read Application Data (Conditional)
|
This step is only performed if the AFL was provided by the card. In EMV mode for online transactions, the AFL may be absent from the card's response and in this instance all of the card data objects required (e.g. Track 2 Equivalent Data) will be provided during the initiate application processing stage instead of the Read Application Data stage. In a ZIP or magstripe legacy transaction, if the Dynamic Card Verification Value (DCVV) is present in one of the READ RECORDS then the Unpredictable Number and DCVV are inserted into the Track 1 and 2 data. |
| Card removal (Mandatory)
|
At this point the cardholder will be informed that they can remove their card from the terminal's contactless reader. In EMV mode, after the removal of the card there are some other processes that may be required to be performed, which are performed after card removal to reduce the amount of time the cardholder has to keep their card in the RF field. Mag-Stripe mode transactions must always be performed online and therefore they will proceed straight to the Online Processing stage. |
| Cardholder Verification (Conditional) |
The Cardholder Verification Method is selected based on the value of the Card Processing Requirements (CPR). The CPR is obtained from the card in Initiate Application Processing. |
| Offline Data Authentication
(Conditional)
|
If the transaction is to be performed offline, then ODA is done by retrieving the relevant public keys and then, if they are all present, verifying the SDAD returned during Initiate Application Processing. This involves checking the size, applying the RSA algorithm and performing checks on the deciphered data. |
| Processing Restrictions
(Conditional) |
During Processing Restrictions the card application is put through a number of tests to check if the card is valid for use, such as checking that the card is active on the current date (i.e. that the card is effective but not yet expired). |
| Terminal Action Analysis
(Mandatory)
|
During Terminal Action Analysis the Terminal completes additional checks to determine whether to approve or decline the transaction, or whether Online Processing is required. |
| Online Processing
(Conditional) |
If it is required to do so, the terminal will send the transaction online where further authentication will be performed and the issuer will decide whether or not to approve the transaction. |
| Completion
(Mandatory) |
The transaction result is displayed and, if approved, the goods or services can be supplied. |
ChipDNA - a rapid SDK for Windows, Linux, iOS and Android - helps integrators, ISVs & VARs transition from mag-stripe to EMV.
