Table of Contents
As part of processing EMV transactions, various PIN and data authentication checks are performed offline. The checks use public-key cryptography (also known as asymmetric cryptography). This is the process of exchanging messages that can only be read by one another. In public key cryptography, the payment terminal and EMV card each have a pair of cryptographic keys; a public key and a private key. Whilst the private key is kept secret, the public key may be known/distributed by others.
Card schemes distribute the Public-Root Keys to be loaded into individual payment device terminals. The terminals will check the digital signatures from the schemes against the ICC data at the time of the transaction as part of an offline data authentication check.
Each payment integration is responsible for maintaining the CA Public Keys in support of the EMV Public Key Infrastructure.
- Test Public Keys are different and test Public Keys should not be used on production terminals.
- Only the authorized production Public Keys should be loaded on production terminals.
- Any expired or inactive keys should be removed from production terminals.
It is important only valid keys are used on production terminals otherwise EMV cards could pass the PIN/authentication checks and approve offline when the transaction should, in fact, fail authentication checks.
The following keys should be REMOVED from any terminals supporting the applicable card scheme as they expired on 31st December 2017:
(A000000003) Visa Index 07.
(A000000004) Mastercard/Maestro Index 04.
(A000000025) American Express Index 0E.
(A000000152) Discover/Diners Index 03.
(A000000065) JCB Index 10.
(A000000277) Interac Index 05.
The following keys should be LOADED into production environments on any terminals supporting the applicable card scheme:
(A000000003) Visa Index 08 and 09
(A000000004) Mastercard/Maestro Index 05 and 06
(A000000025) American Express Index 0F and 10
(A000000152) Discover/Diners Index 04 and 05
(A000000065) JCB Index 12 and 14
(A000000277) Interac Index 06 and 08.