ÀÌ Ã¥Àº EMV¿¡ °üÇÑ »õ·Î¿î °³³äÀ» ¼³¸íÇϰųª
»õ·Î¿î ³»¿ëÀ» ³íÀÇÇÏ´Â °ÍÀº ´õ´õ¿í ¾Æ´Ï´Ù.
´Ù¸¸ Ä«µå ´Ü¸»±â °³¹ßÀÚ Æ¯È÷, ¼ÒÇÁÆ®¿þ¾î °³¹ßÀÚµéÀÌ
Á» ´õ ½¬¿î Á¢±Ù ¹× ½¬¿î ÄÚµùÀ» À¯µµÇÏ´Â ³»¿ëÀÏ »ÓÀÌ´Ù.
¸ÕÀú IC Card(Integrated Circuit Card) ¶Ç´Â ½º¸¶Æ® Ä«µå(Smart Card)´Â Å©°Ô Á¢ÃË½Ä Ä«µå(Contact Card)¿Í ºñÁ¢ÃË½Ä Ä«µå(Contactless Card)·Î ³ª´©¾îÁø´Ù. ¾Æ¸¶µµ Á¢ÃË½Ä Ä«µå°¡ ¸ÕÀú ³ª¿ÔÀ» °ÍÀ¸·Î »ý°¢µÈ´Ù. ÀÌÀüÀÇ MS Card(Magnetic Stripe Card)´Â Ä«µå µÞ¸é¿¡ ÀÚ¼ºÀ» ÀÔÇô Ä«µå¹øÈ£¸¦ ÀúÀåÇÏ¿© »ç¿ëµÇ¾ú´Âµ¥, À§º¯Á¶°¡ ½¬¿î ¹®Á¦°¡ ¹ß»ýÇÏ¿© IC Card°¡ °í¾ÈµÇ¾ú´Ù. IC Card´Â ¹°¸®ÀûÀ¸·Î Ä«µå ³»¿¡ CPU¸¦ °¡Áö°í ÀÖ°í Àü¿ø¸¸ ¿ÜºÎ¿¡¼ °ø±Þ¹Þ´Â µ¶¸³µÈ ÀåÄ¡ÀÌ´Ù. ÀÌ¿¡ ´ëÇÑ ¹°¸®Àû Assignment¿Í À̸¦ ´Ü¸»±â¿¡ »ðÀÔÇßÀ» ¶§ Åë½ÅÇϱâ À§ÇØ ÇÊ¿äÇÑ ¹°¸®Àû/³í¸®Àû °³³äÀ» ¼³¸íÇÑ ÈÄ ÇÁ·ÎÅäÄÝÀ» °£·«ÇÏ°Ô ¾ð±ÞÇÑ´Ù.
´Ü¸»±â°¡ °ü¸®ÇØ¾ß ÇÒ µ¥ÀÌÅÍ Áß ¿©·¯ °³ÀÇ DOL(Data Object List)ÀÌ Àִµ¥, ÀÌ°ÍÀÇ °³³äÀ» ¼³¸íÇÏ°í, EMV °Å·¡°¡ Application, Read Application, Offline Data Authentication, Processing Restrictions, Cardholder Verification, Terminal Risk Management, Terminal Action Analysis, Online Processing, Issuer-to-Card Script Processing µîÀ» ´Ü°èº°·Î ²À ¾Ë¾Æ¾ß ÇÒ ºÎºÐ¸¸À» ¾ð±ÞÇÏ¿´´Ù.
Á» ´õ ½¬¿î ÄÚµùÀ» À¯µµÇÏ´Â EMV Áöħ¼!
ÇÁ·Ñ·Î±×
1. ¼¾ð
2. EMV °Å·¡ ÀÌÇظ¦ À§ÇÑ ¼±ÇàÁö½Ä
2.1 | µ¥ÀÌÅÍ ¿¤¸®¸ÕÆ® Æ÷¸Ë(Data Element Format)
2.2 | IC Card¿¡ ´ëÇÑ °£´ÜÇÑ ¼³¸í
2.3 | ATR(Answer To Reset)
2.4 | Ä«µå¿ÍÀÇ Åë½Å ÇÁ·ÎÅäÄÝ
2.5 | Ä¿¸Çµå ±¸Á¶
2.5.1 C-APDU
2.5.2 R-APDU
2.6 | ÆÄÀÏ ±¸Á¶(File Structure)
2.7 | ÆÄÀÏ ÂüÁ¶(File Referencing)
2.7.1 Name¿¡ ÀÇÇÑ ÂüÁ¶
2.7.2 SFI¿¡ ÀÇÇÑ ÂüÁ¶
2.8 | Application Selection
2.8.1 PSE(Payment System Environment) »ç¿ëÇϱâ(Using the PSE)
2.8.2 AID List »ç¿ëÇϱâ(Using a List of AIDs)
2.9 | SDA(Static Data Authentication)
2.10 | DDA(Dynamic Data Authentication)
2.11 | CDA(Combined DDA/Application Cryptogram Generation)
2.12 | PIN ¾ÏÈ£È ¹× Áõ¸í(PIN Encipherment and Verication)
2.13 | DOL »ç¿ë ±ÔÄ¢(Rules for Using a Data Object List)
2.13.1 PDOL(Processing Options Data Object List)
2.13.2 CDOL1, CDOL2(Card Risk Management Data Object List)
2.13.3 TDOL(Transaction Certicate Data Object List)
2.13.4 DDOL(Dynamic Data Authentication Data Object List)
2.14 | Initiate Application Processing
2.14.1 GET PROCESSING OPTIONS RESPONSE Format 1
2.14.2 GET PROCESSING OPTIONS RESPONSE Format 2
2.15 | Read Application Data
2.16 | Ofine Data Authentication
2.17 | Processing Restrictions
2.17.1 Application Version Number
2.17.2 Application Usage Control
2.17.3 Application Effective/Expiration Dates Checking
2.18 | Cardholder Verication Method(CVM)
2.18.1 Ofine PIN 󸮰úÁ¤
2.18.2 Online PIN 󸮰úÁ¤
2.18.3 Signature 󸮰úÁ¤
2.19 | Terminal Risk Management(TRM)
2.19.1 Floor limit checking
2.19.2 Random transaction selection
2.19.3 Velocity checking
2.20 | Terminal Action Analysis(TAA)
2.21 | Card Action Analysis
2.22 | Online Processing
2.23 | Issuer-to-Card Script Processing
2.24 | Completion TLV Data Objects ·ê(Rules for BER-TLV Data Objects)
3. EMV °Å·¡µ¥ÀÌÅÍ ºÐ¼®
3.1 | Application Selection µ¥ÀÌÅÍ ºÐ¼®
3.2 | Initiate Application µ¥ÀÌÅÍ ºÐ¼®
3.3 | Read Record µ¥ÀÌÅÍ ºÐ¼®
3.4 | Ofine Data Authentication µ¥ÀÌÅÍ ºÐ¼®
3.5 | Cardholder Verication Method µ¥ÀÌÅÍ ºÐ¼®
3.6 | Terminal Risk Management µ¥ÀÌÅÍ ºÐ¼®
3.7 | Terminal Action Analysis µ¥ÀÌÅÍ ºÐ¼®
3.8 | Issuer Script µ¥ÀÌÅÍ ºÐ¼®
4. ºÎ·Ï
4.1 | PSE Selection with CUP
4.2 | PSE Selection with Visa
4.3 | AID List Selection with Mastercard
4.4 | SDA
4.5 | DDA
4.6 | CDA
4.7 | Plaintext PIN
4.8 | Enciphered PIN
4.9 | Online Enciphered PIN
4.10 | Terminal Action Analysis
4.11 | Issuer Script
