Index_T
T
Tag-length-value (TLV). See BER-TLV encoding
Tamper resistance, 369
Terminal action analysis, 201-17
action codes, 201-3
Application Cryptogram computation, 208-17
default action in transaction, 207-8
off-line denial, 204-6
on-line transmission, 206-7
security policies, 23
terminal proposes/card disposes, 203-4
See also EMV ¢ debit/credit
Terminal risk management, 195-201
defined, 195
random transaction selection, 196-99
terminal floor limit, 195-96
velocity checking, 199-201
See also EMV ¢ debit/credit
Terminals
action analysis, 349-50
action codes, 203
authentication, 368
CAD, 66
common processing performed by, 184-86
display, 75
in EMV ¢ debit/credit transaction, 149-50, 159
floor limit, 195-96
ICC interaction, 66-67
indirect application selection service implementation, 118
list of supported applications in, 117
minimal requirements, 231-32
"on-line only", 160
at point of service, 233
processing for EMV ¢ transaction, 196
processing for static data, 142-43
tag-length identifiers (TL), 87
Terminal Type data object, 265
Terminal Verification Results (TVR), 150
bytes, 152
defined, 152
Thin client architecture, 338-40
defined, 338
elements, 338
illustrated , 339
password mechanism, 340
traffic flow, 339
See also SET
Threats, 24-34, 363-66
analysis, 360
card counterfeiting, 31-33
cardholder access device, 299-300
colluding attacks, 33-34
communication channel, 296-99
data modification, 297-98, 365
denial-of-service attack, 299, 365
eavesdropping, 25-27
generic, 363-66
impersonation, 27-29, 298-99
interception, 364
merchant access device, 300
merchant attacks, 33-34
physical penetration, 365-66
remote card payment, 296-300
sniffing, 296-97
time coordinate, 365
wiretapping, 363-64
See also Security
Timeliness, 369
TLS-based method, 291-92
acceptability, 333-35
competitiveness , 336
confidential channel, 310
handshake protocol, 307-8
record protocol, 309
security comparison, 332-33
security limitations, 309-10
SET vs., 332-40
uses, 310
See also Remote card payments
Track 1, 20-21
Track 2, 22
Track 3, 22-24
counterfeiting protection, 32
defined, 22
dynamic field updating, 24
financial parameters, 23
PAN, 22
SANs, 22
security parameters, 23-24
See also Magnetic stripes
Transaction log, 196
Transaction profile, 74
EMV ¢ , 342-44
security protection in, 76
Transactions
amount, 75, 77
approved, 203
authorization, 36
cashback, 176
counterfeit, 233-34
data elements, 35
default action in, 207-8
denied , 204
EMV ¢ ,89
EMV ¢ debit/credit, 148-51
face-to-face, 54
fraudulent, 29, 235-36
mail order (MO), 20
off-line, 44-45
off-line denial of, 204-6
on-line, 42-43
on-line transmission of, 206-7
profile, 342-44
random selection, 196-99
remote, 300-304, 322-24
SET payment, 311, 322-24
target percentage, 198
telephone order (TO), 20
Transaction Status Information (TSI)
bits, 153
defined, 152
encoding, 153
Transport layer security (TLS), 26
elaboration, 306
handshake protocol, 307-8
record protocol, 309
security limitations, 309-10
See also Security; TLS-based method
Triple-DES block cipher, 402-4
Implementing Electronic Card Payment Systems (Artech House Computer Security Series)
ISBN: 1580533051
EAN: 2147483647
EAN: 2147483647
Year: 2003
Pages: 131
Pages: 131
Authors: Cristian Radu