The Research Of EMV Card Personalization System Based On GlobalPlatform Technology

EMV, which is established conjunctly by Europay, MasterCard and Visa, is a standard defining functionality for payment system IC card, and its latest version is EMV2000 specification. The dissertation first does a brief introduction of EMV application specification. EMV standard adopts asymmetric cryptography of doing offline data authentication for IC Card, and it supports only RSA algorithm at present. For Hash algorithm, it adopts SHA-1. SDA,DDA and CDA are the major methods of doing offline data authentication. Symmetric cryptography is adopted of doing online data authentication by EMV, and EMV mainly supports 3DES algorithm.Some other countries have done the EMV transfer. And china has done some work about this, and knows about the inevitability of the EMV transfer.In this dissertation, the EMV transactions and the mechanism of security is studied; the system of card personalization is designed, with paying attention to the security of data send and receive.The security mechanism of EMV specification can resolve the problems of transaction. Static data authentication,Dynamic data authentication and combined DDA can prevent false card and false terminal; Cardholder verification can prevent false cardholder; using certain keys generate the transaction authentication code can prevent reworking the data of terminal and damage the profit of cardholder; using the trustworthy CA, make sure the authenticity of bank; using encrypting and message authentication make sure the security of data transport.The software and hardware environment of personalization is simulated in this dissertation, the personalization system is designed. There are three parts of this system, these are key management subsystem,data prepare subsystem and personalization subsystem. Design the detailed function and structure of all the subsystems, also about the input and output file.Key management subsystem manage the whole life cycle of key generation, key duplication, key renewing, key service, key transportation, key introduction and key destruction. Key management subsystem supports the symmetric cryptography and asymmetric cryptography and abstract cryptography.Data prepare subsystem connect with the outer data source, introducing the data of cardholder from issuer, and transform to the format which is accepted by personalization subsystem, and generate the application keys and other data, such as static data,certifications, etc.Personalization subsystem receive the personal data files,personal scripts and all kinds of profiles, write the data and key into the card using APDU, complete the process of personalization.