Smart card payment transaction system based on multi-protocol dual smart card interface chip and secure microcontroller

This application note describes a smart card payment transaction system based on the DS8007 multi-protocol dual smart card interface chip and the DS5002 secure microcontroller. The system supports basic smart card deposit and withdrawal transactions and card initialization. Although it performs none of the security checks that a "real" payment transaction system would, the functionality demonstrated here is highly representative of such systems.

The hardware used in the demonstration is the DS8007 Evaluation (EV) board. The evaluation kit provides a convenient, proven platform for testing smart card operations based on the DS8007 device. The EV kit includes the DS5002 Secure Microcontroller as the main processor, a 2-line, 20-character liquid crystal display (LCD) module, and two smart card slots (credit card size and SIM size, respectively). A DB-9 connector is also provided for transmitting signals over the RS-232 serial interface. Using our Microcontroller Toolkit (MTK) software, users can connect a PC to the RS-232 port to download programs or data files, or to communicate with the application system. The EV kit also includes a 512k x 8 battery-backed SRAM for storing program and data information. The DS5002 secure microcontroller provides the power detection and control circuitry for the battery-backed SRAM.

The software toolset used to develop the application is Keil's PK51 professional development tool suite, including the μVision3 Integrated Development Environment (IDE) and the CX51 ANSI C compiler. The PK51 package provides a complete development environment with assembler, linker, emulator, and debugger. The hex file it generates can be downloaded directly from the PC to the DS8007 evaluation board using the MTK software.

Applications

The transaction features provided in this application note can be viewed as an additional layer above the low-level functions described in application note 4036, which covers design using the DS8007 evaluation kit.

This transaction example can perform and properly manage the transmission and reception of Application Protocol Data Units (APDUs). The APDU is defined by the ACOS3 smart card EMV specification. A typical payment transaction operation can be demonstrated by generating and transmitting the appropriate APDU and processing its possible responses.

The C language source code for this application is available for download under the file name AN4120_SW.zip. The code in the aforementioned application note 4036 is the core of these transactional examples, providing all the basic interface/driver functions of the DS8007 and all direct low-level smart card interface functions. The code in AN4036 is also available for download at the same URL, called AN4036_SW.zip.

Transaction example details

To create a representative set of transaction functions, this example implements three main smart card operations:

* Withdrawal transaction, i.e., deducting from the card balance

* Deposit transaction, i.e., adding to the card balance

* Card initialization transaction, which sets the card balance and transaction count to their initial values

During the initialization transaction, the amount in the card is set to $100.00 and the number of transactions is set to 1. To simplify the example, each deposit or withdrawal transaction adds or deducts a fixed $10.00 from the card balance.

In order to provide a reasonable demonstration, the first consideration is how to use the resources on the DS8007 evaluation board to build a user interface. One of the design goals is that the system can be operated stand-alone, without additional equipment, so the RS-232 serial port on the evaluation board cannot be used as the user interface. The most convenient hardware for user input is switch SW4, which, when pressed, pulls the processor's port pin P3.2 to ground. P3.2 is a multi-function port pin that can also be used as an external interrupt input (INT0). However, this interrupt is not enabled in this application example software. Pin P3.2 is therefore normally pulled high by the processor's pin drive circuit, and is pulled low through a 1kΩ resistor when switch SW4 is pressed. The application can detect whether the switch is closed simply by reading the level of this pin.

The onboard LCD module can be used as an output device for the user interface. The LCD module of the DS8007 evaluation board is a 2-line, 20-character display. It contains a liquid crystal driver circuit and provides an 8-bit parallel interface to the processor. The display operation can be performed by writing the necessary controls and characters to the module, and the actual LCD is managed by the module.

Once the user completes an input, the software displays three possible transaction types on the LCD in a repeating sequence for the user to select. When the switch SW4 is pressed, the software executes the selected transaction.

Smart card details

The smart card selected in this application example is the ACOS3 card produced by Hong Kong Advanced Card Systems Limited (ACS). The card contains an embedded processor running the ACS smart card operating system version 3 (ACOS3), with the following features:

* 16kB application data EEPROM memory
* ISO 7816-1/2/3 compliant, T=0 protocol
* Compatible with Data Encryption Standard (DES), 3DES and message authentication code (MAC) capability
* 5 security codes + release password
* Card holder can update PIN
* Key pair mutual authentication
* Session keys use random numbers
* Linear files have a fixed record length
* Account data structure enables secure payment applications

A full description of ACOS3 features can be found on the ACS website. For this application example, no security features of the smart card are used; only its file structure and EEPROM storage space are used.

Smart card storage space

In this transaction example, the selected smart card must contain a certain amount of non-volatile memory for storing information. Only two values are saved in the card: the "counter" that records the number of successfully processed transactions and the "balance" of the virtual account. For the counter, a 1-byte unsigned number is used, which can represent 0 to 255 transactions. For the balance, a 16-bit integer is used, which can represent a value of -32,768 to +32,767. This approach allows the user to overdraw the available balance in the card (i.e., generate a negative balance). Therefore, a total of 3 bytes of non-volatile memory is required in this example.

ACOS3 file structure

When the ACOS3 card is manufactured, its 16kB EEPROM memory is divided into two parts: the internal data storage area and the user data storage area. The internal data store holds configuration data and is typically used by the operating system to manage specific functions. The user data storage area stores the operational data of the normal use of the smart card under the "actual" transaction control. In this example code, only the internal data store is used, and subsequent discussions will focus on the internal data store.

In both the internal data storage area and the user data storage area, the memory of the ACOS3 card is accessed through data files and data records. Each data file consists of a certain number of data records, up to 255. The record length can differ between data files, but it is always fixed for a given data file. The file structure (file size, record length, etc.) of the internal data files is defined by the operating system and cannot be changed, but for the user data storage area, the card issuer can determine the file structure when personalizing the smart card. For the sake of simplicity, only the internal data file system already in the card is used, and no dedicated user data file system is created.

All files can be accessed through ACOS3's read and write record commands. These commands are sent to the smart card, and any response is received by the APDU function provided in application note 4036. Each file is identified by a 2-byte file identifier. For all internal data files, the first byte of the identifier is fixed at 0xFF. Table 1 lists the file names, file identifiers, and record structures for internal data files.

The personalization file (ID = 0xFF 0x02) contains three records totaling 12 bytes, and each record has a length of 4 bytes. The first record contains configuration information for certain options in the smart card, while the second and third records are not predefined. Therefore, these two records are used to save the number of transactions and the account balance of the smart card in this application example. Although a single record has enough storage space (4 bytes) to hold the three bytes required for the transaction count and account balance, the two values are stored in separate records for ease of operation. This also makes it possible to increase the size of these two values. The number of transactions is stored in the first byte of record 2, while the account balance is stored in the first two bytes of record 3, with the high byte first (big-endian).

ACOS3 command structure

The ACOS3 card has 13 basic commands. In this application example, three commands are mainly used. They are file selection, read record, and write record commands. These three commands will be explained later. All commands of the ACOS3 card conform to the format of the Application Protocol Data Unit (APDU) described in the EMV specification. The general format of an APDU includes the following parts:

* CLA: command class
* INS: command code
* P1: command parameter 1
* P2: command parameter 2
* Lc (P3): number of bytes in the command data field (optional)
* Data: the sequence of data bytes sent with the command
* Le: maximum number of data bytes expected in the data field of the response (optional)

File selection command

The file selection command opens a file to read/write a record of the file. It is a 7-byte command

The personalization file is the only file used in this application (see Table 1), and its file ID 0xFF 0x02 forms the last two bytes of the command. As with all ACOS3 commands, a 2-byte status message with a value of 0x90 0x00 is returned after successful execution. Any other value indicates an error in command execution. All possible error status bytes and their meanings are listed in the ACOS3 Reference Manual on the ACS website mentioned earlier.

Read record command

The Read Record command reads a specified number of bytes from the identified record of the currently selected file. It is a 5-byte command

As you can see, the command contains two variable bytes: one byte indicates the record number and the other byte indicates the number of bytes (length) to read from the specified record. In this application example, all four bytes of the personalization file record are read each time, so the length is fixed at 0x04. If the read record command is executed successfully, 6 bytes of data are returned: 4 bytes of information stored in the record and 2 bytes of status information. If the returned status bytes are not 0x90 0x00, the command execution failed and the returned data should be discarded.

Write record command

The Write Record command writes data to the specified record of the currently selected file. The length of this command can vary with the number of bytes to be written. In this example, 4 bytes are written each time,

The command contains a total of 6 variable bytes: one byte indicates the record number (0 to N-1), another byte indicates the number of bytes to be written (length = 0x04), and the remaining four are the data bytes. The write record command returns two bytes of status information (0x90 0x00 when execution is successful).
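The three commands and the record layout described above can be exercised off-card with the following C code, which is an added example and not taken from AN4120_SW.zip or AN4036_SW.zip. The CLA/INS values (0x80 with 0xA4, 0xB2, 0xD2) do not appear on this page and are assumed here as the ACOS3 command bytes; the zero-based record indices for "record 2" and "record 3" and the function names are likewise assumptions.

```c
#include <stdint.h>
#include <string.h>
#define REC_LEN     4u
#define REC_COUNT   1u  /* "record 2" as a zero-based index (assumption) */
#define REC_BALANCE 2u  /* "record 3" as a zero-based index (assumption) */

/* SELECT FILE, 7 bytes: header, Lc = 2, then file ID FF 02. */
size_t build_select(uint8_t *out) {
    static const uint8_t cmd[7] = {0x80, 0xA4, 0x00, 0x00, 0x02, 0xFF, 0x02};
    memcpy(out, cmd, sizeof cmd);
    return sizeof cmd;
}

/* READ RECORD, 5 bytes: always asks for the whole 4-byte record. */
size_t build_read(uint8_t *out, uint8_t rec) {
    const uint8_t hdr[5] = {0x80, 0xB2, rec, 0x00, REC_LEN};
    memcpy(out, hdr, sizeof hdr);
    return sizeof hdr;
}

/* WRITE RECORD, 5-byte header followed by the 4 data bytes. */
size_t build_write(uint8_t *out, uint8_t rec, const uint8_t *data) {
    const uint8_t hdr[5] = {0x80, 0xD2, rec, 0x00, REC_LEN};
    memcpy(out, hdr, sizeof hdr);
    memcpy(out + sizeof hdr, data, REC_LEN);
    return sizeof hdr + REC_LEN;
}

/* Accept a read response only if it is exactly 4 data bytes + 90 00. */
int parse_read(const uint8_t *rsp, size_t len, uint8_t *rec) {
    if (len != REC_LEN + 2 || rsp[4] != 0x90 || rsp[5] != 0x00) return -1;
    memcpy(rec, rsp, REC_LEN);
    return 0;
}
/* Balance: signed 16-bit, high byte first, in bytes 0..1 of the record. */
int16_t balance_decode(const uint8_t *rec) {
    return (int16_t)(uint16_t)((rec[0] << 8) | rec[1]);
}
void balance_encode(int16_t bal, uint8_t *rec) {
    memset(rec, 0, REC_LEN);
    rec[0] = (uint8_t)((uint16_t)bal >> 8);
    rec[1] = (uint8_t)bal;
}

/* Apply a deposit (+) or withdrawal (-); reject results that do not fit. */
int balance_apply(int16_t bal, int32_t delta, int16_t *out) {
    int32_t r = (int32_t)bal + delta;
    if (r < INT16_MIN || r > INT16_MAX) return -1;
    *out = (int16_t)r;
    return 0;
}
```

A negative result is accepted because the page allows overdraft; only a value that would wrap the 16-bit field is refused, so the card never stores a silently corrupted balance.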

Load executable

The DS8007 evaluation board is shipped with the software for this smart card transaction example. To verify that the software is installed, power up the evaluation board and observe the display. If "Insert smart card in the large slot below" appears on the display, the program has been loaded. If this message is not displayed, the transaction software can be loaded into the battery-backed SRAM on the board via the MTK software. Application Note 4036 (see above) explains how to load an application. The file to be loaded is Trans.hex, which is included in AN4120_SW.zip and can be downloaded from the ftp website mentioned above.

After installing the transaction software and disconnecting the boot loader, the processor immediately starts running the application. If the EV kit is still connected to the PC at this time, the application's RS-232 serial output will be displayed on the MTK screen. This information can be used for analysis and debugging, but can be ignored. The user should follow the instructions displayed on the LCD module. If necessary, analyze the source code to determine the meaning of the serial output.

After inserting the smart card, the current transaction number and account balance of the smart card will be displayed briefly on the LCD. The LCD then begins to cycle through the transaction options (withdrawal, deposit, and smart card initialization) in order every two seconds. When the desired transaction option appears, the transaction can be executed by pressing the SW4 switch. At this time, the transaction execution status will be displayed on the LCD. A transaction completion message is then displayed instructing the user to remove the smart card. At this point, the transaction options will be displayed cyclically, waiting for the smart card to be inserted.

Conclusion

This application note describes a smart card payment transaction system based on the DS8007 multi-protocol dual smart card interface chip and the DS5002 secure microcontroller. An ACOS3 smart card with 16kB EEPROM memory is used in the system, and information is stored in its non-volatile memory using the read and write record commands. Feedback is provided to the user via an onboard 2-line, 20-character LCD. The system supports deposit and withdrawal transactions and smart card initialization. The source code is available for download and can be used to develop a real payment transaction system.

