Welcome to our new developer portal! Use the "Ask" button to chat with our AI Agent.
Ctrlk

Apple Pay personalization

The TSH is fully capable of personalizing an EMV application that is based on IRON applet for Apple Pay solution. Here is the set of data required from the TSP in the 'submitTokenData' operation.

Name
Format
Length
Description
Example

KEK_label

ASCII string

1-64

Label of the key used for CMKs encryption. The value is defined during the key ceremony.

"G062C.TEST.SGKEK.KEK.01"

KEK_kcv

Hexa string

6

KCV of the key used for CMK encryption.

"E95500"

DEK_label

ASCII string

1-64

Label of the key used for Track2 Data ("Track2_Data_under_DEK") encryption. The value is defined during the key ceremony.

"G062C.TEST.SGDEK.MKDATA.01"

DEK_kcv

Hexa string

6

KCV of the DEK key.

"50FE57"

Card_Master_Key_Under_KEK

Hexa string

-

Value of the Application Cryptogram Card Master Key for proximity payment ciphered under the KEK key. Encryption algorithm is defined during project setup.

"F1452589A51C5E88FA451236A5C49687"

CMK_kcv

Hexa string

6

Value of the KCV of the Application Cryptogram Card Master Key for proximity payment.

"4A56F8"

CMK_dki

Hexa string

2

Value of the Derivation Key index associated to the Application Cryptogram Card Master Key for proximity payment.

"01"

Card_Master_Key_RP_Under_KEK

Hexa string

-

Value of the Application Cryptogram Card Master Key for remote payment ciphered under the KEK key. Encryption algorithm is defined during project setup.

"E5812624B11DE846AA452165C4C39154"

CMK_RP_kcv

Hexa string

6

Value of the KCV of the AC Card Master Key for remote payment.

"5E23C1"

CMK_RP_dki

Hexa string

2

Value of the Derivation Key index associated to the AC Card Master Key for remote payment.

"01"

Track2_Data_under_DEK

Hexa string

-

Track 2 Equivalent Data (max length is 19 bytes) Format in clear is:

  • Token PAN up to 19 digits: 'ppppppppppppppppppp'

  • 'D'

  • Expiry date: 'yymm'

  • Service code: 'sss'

  • (optional) Discretionary data (depending on PAN length)

  • 'F' (if needed to ensure whole byte) track2 data is padded with 80h + 00h..00h in order to reach encryption algorithm block size (ISO7816-4 padding) track2 data is ciphered under the DEK key using CBC mode. Encryption algorithm is defined during project setup.

"FAB7FF4EFE1989AC25EBBEC2ED72378BDA79D244B89F7F25"

PAN_Sequence_Number

Hexa string

2

PAN Sequence Number to personalize in the application.

"01"

app_preferred_name

ASCII bytes

max 16

Application preferred name

"4465626974" which represents "Debit"

Note1:

The data element name is case insensitive. For example, DEK_KCV and dek_kcv are equivalent

Note2:

Additional data elements may be added upon project configuration

Note3:

All KCVs described above are calculated by encrypting 8 bytes of 00h for 3DES keys or 16 bytes of 01h for AES keys with the related key using ECB mode. In both cases, the 3 high-order bytes shall be used as KCV.

PreviousTransaction Notification APINextGoogle Pay personalization

Last updated

Was this helpful?