PTOISBIOBa (03-09)
`Doc code: IDS
`Approved for use through 0413012009. OMB 0651-0031
`Doc description: Information Disclosure Statement (IDS) Filed
`US. Patent and Trademark Office; US. DEPARTMENT OF COMMERCE
`Under the Paperwork Reduction Act of 1995, no persons are required to respond to a collection of information unless it contains a valid OMB control number.
`
`
`12376360
`
`Application Number
`
`2009-02-04
`
`INFORMATION DISCLOSURE
`
`STATEMENT BY APPLICANT
`
`(Not for submission under 37 CFR 1.99)
`
`
`Filing Date
`Bruno CHARRAT
`First Named Inventor
`
`Art Unit
`2431
`
`
`
`Examiner Name
`
`Not Yet Assigned
`
`10000—132US (100405US/WO)
`
`Attorney Docket Number
`
`
`
`
`
` U.S.PATENTS Remove
`
`Examiner Cite
`.
`.
`*
`Initial
`No
`
`Patent Number
`
`Kind
`Code1
`
`Issue Date
`
`Name of Patentee or Applicant Pages,Columns,Lines where
`.
`Relevant Passages or Relevant
`of Cited Document
`Figures Appear
`
`
`
`If you wish to add additional US. Patent citation information please click the Add button.
`
`U.S.PATENT APPLICATION PUBLICATIONS
`
`Add
`
`_—
`
`Examiner
`.
`.
`,,
`Initial
`
`Publication Number
`
`Publication
`Kind
`Code1 Date
`
`Name of Patentee or Applicant
`of cited Document
`
`Pages,Columns,Lines where
`Relevant Passages or Relevant
`Figures Appear
`
`If you wish to add additional U.S. Published Application citation information please click the Add button.-
`FOREIGN PATENT DOCUMENTS
`
`
`
`
`Name of Patentee or
`
`Applicant of Cited
`Document
`
`Pages,Columns,Lines
`where Relevant
`
`Passages or Relevant
`Figures Appear
`
`T5
`
`
`
` Examiner Cite
`
`
`
`
`
`
`
`Examiner
`Initial"
`
`Cite Foreign Document
`
`Country
`Code2 i
`
`Kind
`Code4
`
`Publication
`Date
`
`
`
`If you wish to add additional Foreign Patent Document citation information please click the Add button
`NON-PATENT LITERATURE DOCUMENTS
`
`
`
`Include name of the author (in CAPITAL LETTERS), title of the article (when appropriate), title of the item
`(book, magazine, journal, serial, symposium, catalog, etc), date, pages(s), volume-issue number(s),
`publisher, city and/or country where published.
`
`T5
`
`|nitia|s*
`
`No
`
`EFS Web 2.1.12
`
`Apple Ex. 1030, p. 1
`Apple Ex. 1030, p. 1
` Apple v. Fintiv
`Apple v. Fintiv
`|PR2020-00019
` IPR2020-00019
`
`

`

`INFORMATION DISCLOSURE
`STATEMENT BY APPLICANT
`(Not for submission under 37 CFR 1.99)
`
`Application Number
`
`12376360
`
`
`
`Filing Date
`2009—02—04
`First Named Inventor
`Bruno CHARRAT
`
`A” Unit
`2431
`
`Examiner Name
`
`
`Attorney Docket Number
`
`
`
`
`
`
`
`Not Yet Assigned
`
`10000-132US (100405US/WO)
`
`
`
`
`
`"Identification cards - Integrated circuit(s) cards with contacts", International Standard ISO/IEC 7816-1, First Edition
`(10/15/1998).
`
`
`1
`
`2
`
`AFNOR, "Identification cards - Integrated circuit(s) cards with contacts", International Standard ISO/IEC 7816-1, First
`Edition (10/15/1998), Amendment 1 (11/15/2003).
`
`AFNOR, "Identification cards — Integrated circuit cards", International Standard ISO/IEC 7816—2, First Edition
`(03/01/1999), Amendment 1 (06/01/2004).
`
`
`3
`
`4
`
`5
`
`AFNOR, "Identification cards - Integrated circuit cards", International Standard ISO/IEC 7816-2, Second Edition
`(10/15/2007).
`
`AFNOR, "Identification cards — Integrated circuit cards", International Standard ISO/IEC 7816—3, Third Edition
`(11/01/2006).
`
`IX
`
`
`"Information technology — Identification cards — Integrated circuit(s) cards with contacts", International Standard ISO/
`IEC 7816—4, First Edition (09/01/1995), Amendment 1 (12/15/1997).
`
`
`6
`
`7
`
`AFNOR, "Identification cards - Integrated circuits cards", International Standard ISO/IEC 7816-4, Second Edition
`(01/15/2005).
`
`"Identification cards — Integrated circuIt(s) cards with contacts", International Standard ISO/IEC 7816—5, First Edition
`(06/15/1994), Amendment 1 (12/15/1996).
`
`
`8
`
`9
`
`AFNOR, "Identification cards — Integrated circuit cards", International Standard ISO/IEC 7816—5, Second Edition
`(12/01/2004).
`
`10
`
`AFNOR, "Identification cards - Integrated circuit cards", International Standard ISO/IEC 7816-6, Second Edition
`(05/15/2004).
`
`11
`
`AFNOR, "Identification cards — Integrated circuit cards", International Standard ISO/IEC 7816—6AC1, (06/15/2006).
`
`
`
`EFS Web 2.1.12
`
`Apple Ex. 1030, p. 2
`Apple Ex. 1030, p. 2
` Apple v. Fintiv
`Apple v. Fintiv
`|PR2020-00019
` IPR2020-00019
`
`

`

`INFORMATION DISCLOSURE
`
`STATEMENT BY APPLICANT
`
`(Not for submission under 37 CFR 1.99)
`
`12376360
`Application Number
`
`Filing Date
`Bruno CHARRAT
`First Named Inventor
`
` 2009—02—04
`
` Attorney Docket Number
`
`
`Not Yet Assigned
`10000-132US (100405US/WO)
`
`Examiner Name
`
`Art Unit
`
`2431
`
`
`5 Applicant is to place a check mark here If
`
`
`
`
`
`"Identification cards - Integrated circuit(s) cards with contacts", International Standard ISO/IEC 7816-7, First Edition
`(03/01/1999).
`
`
`12
`
`13
`
`"Identification cards - Integrated circuit(s) cards with contacts", International Standard ISO/IEC, FDIS, 7816-8, Final
`Draft (1998).
`
`AFNOR, "Identification cards — Integrated circuit(s) cards with contacts", International Standard ISO/IEC, FDIS, 7816—9,
`(12/21/1999).
`
`
`14
`
`15
`
`AFNOR, "Identification cards - Integrated circuit cards with contacts", International Standard ISO/IEC 7816-15/AC1,
`(OT/0112004).
`
`16
`
`AFNOR, "Identification cards — Integrated circuit cards with contacts", International Standard ISO/IEC 7816—15, First
`Edition, (01/15/2004).
`
`IX
`
`
`17
`
`"Identification cards — Contactless integrated circuit(s) cards — Proximity cards", International Standard ISO/IEC
`14443—2, First Edition (07/01/2001).
`
`18
`
`DIN, "Identification cards - Contactless Integrated circuit(s) cards - Proximity cards", International Standard ISO/IEC
`WD 14443-2, (01/26/2007).
`
`"Identification cards — Contactless integrated circuit(s) cards — Vicinity cards", International Standard ISO/IEC 15693—3,
`19
`First Edition (04/01/2001 ).
`
`
`
`
`If you wish to add additional non-patent literature document citation information please click the Add button
`EXAMINER SIGNATU RE
`
`
`
`Examiner Signature Date Considered
`
`*EXAMINER: Initial if reference considered, whether or not citation is in conformance with MPEP 609. Draw line through a
`
`citation if not in conformance and not considered. Include copy of this form with next communication to applicant.
`
`2 Enter office that issued the document, by the two-letter code (WIPO
`1 See Kind Codes of USPTO Patent Documents at www.USPTO.GOV or MPEP 901.04.
`Standard ST.3). 3 For Japanese patent documents, the indication of the year of the reign of the Emperor must precede the serial number of the patent document.
`4 Kind ofdocument by the appropriate symbols as Indicated on the document under WIPO Standard ST.16 if possible.
`English language translation is attached.
`
`
`EFS Web 2.1.12
`
`Apple Ex. 1030, p. 3
`Apple Ex. 1030, p. 3
` Apple v. Fintiv
`Apple v. Fintiv
`lPR2020-00019
` IPR2020-00019
`
`

`

`INFORMATION DISCLOSURE
`STATEMENT BY APPLICANT
`(Not for submission under 37 CFR 1.99)
`
`Application Number
`
`12376360
`
`
`
`2009—02—04
`Filing Date
`First Named Inventor
`Bruno CHARRAT
`
`Art Unit
`2431
`Examiner Name
` Not Yet Assigned
`Attorney Docket Number
`10000-132US (100405USIWO)
`
`
`
`
`CERTIFICATION STATEMENT
`
`Please see 37 CFR 1.97 and 1.98 to make the appropriate selection(s):
`
`|:I
`
`That each item of information contained in the information disclosure statement was first cited in any communication
`from a foreign patent office in a counterpart foreign application not more than three months prior to the filing of the
`information disclosure statement. See 37 CFR 1.97(e)(1).
`
`OR
`
`That no item of information contained in the information disclosure statement was cited in a communication from a
`
`foreign patent office in a counterpart foreign application, and, to the knowledge of the person signing the certification
`after making reasonable inquiry, no item of information contained in the information disclosure statement was known to
`any individual designated in 37 CFR 1.56(c) more than three months prior to the filing of the information disclosure
`statement. See 37 CFR 1.97(e)(2).
`
`El
`
`:| See attached certification statement.
`
`:| Fee set forth in 37 CFR 1.17 (p) has been submitted herewith.
`
`
`
`2| None
`
`SIGNATURE
`
`A signature of the applicant or representative is required in accordance with CFR 1.33, 10.18. Please see CFR 1.4(d) for the
`form of the signature.
`
`
`Signature
`
`lJohn D. Simmons/
`
`Date (YYYY-MM-DD)
`
`
`
`
`
`
`
`
`
`
`
` 2009-04-06
`
`
`
`Name/Print 52225 John D. Simmons Registration Number
`
`This collection of information is required by 37 CFR 1.97 and 1.98. The information is required to obtain or retain a benefit by the
`public which is to file (and by the USPTO to process) an application. Confidentiality is governed by 35 U.S.C. 122 and 37 CFR
`1.14. This collection is estimated to take 1 hour to complete, including gathering, preparing and submitting the completed
`application form to the USPTO. Time will vary depending upon the individual case. Any comments on the amount of time you
`require to complete this form and/or suggestions for reducing this burden, should be sent to the Chief Information Officer, US.
`Patent and Trademark Office, US. Department of Commerce, PO. Box 1450, Alexandria, VA 22313-1450. DO NOT SEND
`FEES OR COMPLETED FORMS TO THIS ADDRESS. SEND TO: Commissioner for Patents, P.O. Box 1450, Alexandria,
`VA 22313-1450.
`
`EFS Web 2.1.12
`
`Apple Ex. 1030, p. 4
`Apple Ex. 1030, p. 4
` Apple v. Fintiv
`Apple v. Fintiv
`|PR2020-00019
` IPR2020-00019
`
`

`

`Privacy Act Statement
`
`
`The Privacy Act of 1974 (P.L. 93-579) requires that you be given certain information in connection with your submission of the
`attached form related to a patent application or patent. Accordingly, pursuant to the requirements of the Act, please be advised
`that:
`(1) the general authority for the collection of this information is 35 U.S.C. 2(b)(2); (2) furnishing of the information solicited
`is voluntary; and (3) the principal purpose for which the information is used by the US. Patent and Trademark Office is to
`process and/or examine your submission related to a patent application or patent.
`If you do not furnish the requested
`information, the US. Patent and Trademark Office may not be able to process and/or examine your submission, which may
`result in termination of proceedings or abandonment of the application or expiration of the patent.
`
`The information provided by you in this form will be subject to the following routine uses:
`
`1.
`
`2.
`
`3.
`
`4.
`
`5.
`
`6.
`
`7.
`
`The information on this form will be treated confidentially to the extent allowed under the Freedom of Information Act
`(5 U.S.C. 552) and the Privacy Act (5 U.S.C. 552a). Records from this system of records may be disclosed to the
`Department of Justice to determine whether the Freedom of Information Act requires disclosure of these record 5.
`
`A record from this system of records may be disclosed, as a routine use, in the course of presenting evidence to a
`court, magistrate, or administrative tribunal, including disclosures to opposing counsel in the course of settlement
`negotiations.
`
`A record in this system of records may be disclosed, as a routine use, to a Member of Congress submitting a
`request involving an individual, to whom the record pertains, when the individual has requested assistance from the
`Member with respect to the subject matter of the record.
`
`A record in this system of records may be disclosed, as a routine use, to a contractor of the Agency having need for
`the information in order to perform a contract. Recipients of information shall be required to comply with the
`requirements of the Privacy Act of 1974, as amended, pursuant to 5 U.S.C. 552a(m).
`
`A record related to an International Application filed under the Patent Cooperation Treaty in this system of records
`may be disclosed, as a routine use, to the International Bureau of the World Intellectual Property Organization, pursuant
`to the Patent Cooperation Treaty.
`
`A record in this system of records may be disclosed, as a routine use, to another federal agency for purposes of
`National Security review (35 U.S.C. 181) and for review pursuant to the Atomic Energy Act (42 U.S.C. 218(c)).
`
`A record from this system of records may be disclosed, as a routine use, to the Administrator, General Services, or
`his/her designee, during an inspection of records conducted by GSA as part of that agency's responsibility to
`recommend improvements in records management practices and programs, under authority of 44 U.S.C. 2904 and
`2906. Such disclosure shall be made in accordance with the GSA regulations governing inspection of records for this
`purpose, and any other relevant (i.e., GSA or Commerce) directive. Such disclosure shall not be used to make
`determinations about individuals.
`
`8.
`
`A record from this system of records may be disclosed, as a routine use, to the public after either publication of the
`application pursuant to 35 U.S.C. 122(b) or issuance of a patent pursuant to 35 U.S.C. 151. Further, a record may be
`disclosed, subject to the limitations of 37 CFR 1.14, as a routine use, to the public if the record was filed in an application
`which became abandoned or in which the proceedings were terminated and which application is referenced by either a
`published application, an application open to public inspections or an issued patent.
`
`9.
`
`A record from this system of records may be disclosed, as a routine use, to a Federal, State, or local law
`enforcement agency, if the USPTO becomes aware of a violation or potential violation of law or regulation.
`
`
`
`
`
`
`
`EFS Web 2.1.12
`
`Apple Ex. 1030, p. 5
`Apple Ex. 1030, p. 5
` Apple v. Fintiv
`Apple v. Fintiv
`|PR2020-00019
` IPR2020-00019
`
`

`

`STD-ISO ?&ll:-‘-I-EN6L l‘l‘lS - HBSL‘iUB [REBEL—3 WEE -
`
`INTERNATIONAL
`
`ISO/IEC
`
`STANDARD
`
`781 6-4
`
`First edition
`1 995-09-01
`AMENDMENT 1
`1 997-1 2-1 5
`
`
`
`Information technology — Identification
`cards — Integrated circuit(s) cards with
`contacts —
`
`Part 4:
`
`Interindustry commands for interchange
`
`AMENDMENT 1: Impact of secure messaging
`on the structures of APDU messages
`
`Technologies de l'infonnation — Cartes d’identification — Caries a circuit(s)
`integreYs) 52 contacts —
`
`Partie 4: Commandes intersectoriefles pour les échanges
`
`AMENDEMENT 1: Impact de la messagerie de sécurité sur les structures
`des messages APDU
`
`
`
`
`
`Reference number
`ISO/l EC 7816-4: 1 995/Amd.1:199?(E)
`
`COPYRIGHT 2000 International Organization for Standardization
`March 03, 2000
`11:21:01
`
`Information Handling Services,
`
`Apple Ex. 1030, p. 6
`Apple Ex. 1030, p. 6
` Apple v. Fintiv
`Apple v. Fintiv
`|PR2020-00019
` IPR2020-00019
`
`

`

`STD-ISO 7filE-H-ENGL 1.955 - HEEL-“”33 {WEBELE 5T“! -
`
`ISO/{EC 7816-4:1995[Amd.1:1997(E)
`
`Contents
`
`Foreword .........................................................................................................
`
`introduction .....................................................................................................
`
`Revision of table 19 .......................................................................................
`
`Revision of table 21 .........................................................................................
`
`5.7
`
`Impact of secure messaging on the structures of APDU messages ......
`
`Annex F (informative) Use of secure messaging .........................................
`
`Page
`
`iii
`
`iv
`
`‘1
`
`'l
`
`2
`
`3
`
`© ISO/1521937
`this publication may be
`All
`rights reserved. Unless otherwise specified, no part of
`reproduced or utilized in any form or by any means, electronic or mechanical,
`including
`photocopying and microfilm, without permission in writing from the publisher
`ISOIIEC Copyright Office - Case postale 55 o CH-lZl 1 Geneva 20 . Switzerland
`Printed in Switzerland
`
`COPYRIGHT 2000 International Organization for Standardization
`March 03, 2000
`11:21:01
`
`Information Handling Services,
`
`Apple Ex. 1030, p. 7
`Apple Ex. 1030, p. 7
` Apple v. Fintiv
`Apple v. Fintiv
`|PR2020-00019
` IPR2020-00019
`
`

`

`STD-ISO 7&lb-ll-EN6L 1.335 - ”551.383 D733hlx=| 735 -
`
`© ISO/l EC
`
`ISOIIEC 7816-4:19951Amd.1:1997(E)
`
`Foreword
`
`ISO (the International Organization for Standardization) and EC (the International
`Electrotechnical Commission} form the specialized system for worldwide
`standardization. National bodies that are members of ISO or IEC participate in the
`development
`of
`International Standards
`through
`technical
`committees
`established by the respective organization to deal with particular
`fields of
`technical activity.
`ISO and IEC technical committees collaborate in fields of
`mutual
`interest. Other
`international organizations, governmental and non-
`governmental, in liaison with ISO and lEC, also take part in the work.
`
`ISO and IEC have established a joint
`In the field of information technology,
`technical committee,
`ISOIlEC JTC 1. Draft International Standards adopted by
`the joint
`technical committee are circulated to national bodies for voting.
`Publication as an International Standard requires approval by at least 75 % of the
`national bodies casting a vote
`
`to International Standard ISO/IEC 781641995 was prepared by
`Amendment 1
`Joint Technical Committee ISO/IEC JTC 1,
`information technology. Subcom-
`mittee SC 17, Identification cards and related devices.
`
`COPYRIGHT 2000 International Organization for Standardization
`1:21:01
`March 03, 2000
`
`Information Handling
`
`Serv;ces,
`
`Apple Ex. 1030, p. 8
`Apple Ex. 1030, p. 8
` Apple v. Fintiv
`Apple v. Fintiv
`|PR2020—00019
` IPR2020-00019
`
`iii
`
`

`

`STD-ISO ?Ex].b-'-l-EN6L 1';qu - 9551303 D?33!:EB H5? -
`
`ISO/IEC 7816-4:1995IAmd.1:1997(E}
`
`© lSO/lEC
`
`Introduction
`
`The integrated circuifls) cards with contacts are identification cards intended for
`information exchange negotiated between the outside and the integrated circuit
`in the card» As a result of an information exchange, the card delivers information
`{computation results, stored data), andfor modifies its content (data storage,
`event memorization).
`
`Part 4 of lSO/lEC 7816 is one of a series of standards describing the parameters
`{or such cards and the use of such cards for international interchange.
`
`This amendment fixes the impact of secure messaging on the structures of
`APDU messages.
`
`iv
`
`COPYRIGHT 2000 International Organization for Standardization
`March 03, 2000
`11:21:01
`
`Information Handling Services,
`
`Apple Ex. 1030, p. 9
`Apple Ex. 1030, p. 9
` Apple v. Fintiv
`Apple v. Fintiv
`|PR2020-00019
` IPR2020-00019
`
`

`

`STD-ISO Tfilb-H-ENGL 1:135 - 19651303 07333321. 3°13 -
`
`© lSO/iEC
`
`ISOIIEC 7816-4?! 995/Amd.1 :1 997(E)
`
`Information technology — Identification cards —
`Integrated circuifls) cards with contacts —
`
`Part 4:
`
`Interindustry commands for interchange
`
`Impact of secure messaging on the
`AMENDMENT 1:
`structures of APDU messages
`
`In table 79, replace the last line by the following two lines.
`
`'97’
`'96“,
`'98‘
`
`—Value of Le in the unsecured command
`—Status information (erg, SW1 SW2)
`
`In table 21, repiace the value 'BA' by the foifowing two vaiues.
`
`‘AC', ’BC‘
`
`COPYRIGHT 2000 International Organization for Standardization
`March 03, 2000
`11:21:01
`
`Information Handling SerVices,
`
`Apple Ex. 1030, p. 10
`Apple Ex. 1030, p. 10
` Apple v. Fintiv
`Apple v. Fintiv
`|PR2020—00019
` IPR2020-00019
`
`

`

`STIIMISO 7BLb-i-l-ENGL l‘l‘iS - RSSl‘lUB [1733522 BET -
`
`ISO/IEC 781 6-4:1 995/Amd.1 :1 997(E)
`
`© lSO/IEC
`
`insert the following subclause.
`
`5.7 Impact of secure messaging on the
`structures of APDU messages
`
`The structures of APDU messages are specrfied In 5.3.
`According to 5.3.1.
`the command APDU consists of a
`mandatory command header of four bytes conditionally
`followed by a command body (see figures 3 and 4);
`the
`decoding of the command body lS specified in 5.32 [see
`figure 5 and table 5). According to 5.3.3,
`the response
`APDU consists of a conditional response body followed by
`a mandatory response trailer of two bytes (see figure 6).
`Figure 8 shows the structures of APDU messages.
`
`Command header
`CLA lNS P1 P2
`{four bytes)
`
`Command body
`[Lc field]
`[Data field]
`[Le field]
`(L bytes, denoted as B, to BL)
`
`Res- onse bod
`iData field]
`(L, data bytes}
`
`Response trailer
`SW1 SW2
`(two bytes)
`
`Figure 8 — Structures of APDU messages
`
`Clause 6 specifies APDU commands and responses for
`basic interindustry commands. Clause 7 specifies APDU
`commands
`and
`responses
`for
`transmission—oriented
`interindustry commands. Clauses 6 and 7 do not describe
`the impact of
`secure messaging (see 5.6) on the
`structures
`of APDU messages. Consequently,
`the
`semantic meanings of
`length fields and data fields in
`clauses 6 and 7 may seem in contradiction with their
`syntactic meanings in 5.3.
`'
`
`This subclause specifies the impact of secure messaging
`as specified in 5.6 on the structures of APDU messages
`as specified in 5.3, so as to avoid the aforementioned
`possible misunderstanding.
`
`For securing an APDU command where CLA has an appro—
`priate value according to table 9, namely ‘0X',
`'8X'.
`'9X‘
`or 'AX',
`the bit b4 in CLA shall be set to 1, which is
`indicated as CLA’ in figure 9 and annex F;
`if present, the
`command body shall be decoded according to 5.3.2 and
`encapsulated as follows.
`— if there is a data field. the LL. data bytes shall be
`carried
`neither by a plain value data object
`‘BZ’, ’83'. see table 18),
`I or by a data object for confidentiality (from ‘84' to
`'87', see table 22).
`the value of La shall be
`———lf there is an L9 field.
`carried by 3 Le data object (either
`‘96’ or ‘97‘. see
`table 19); the value field codes an unsigned positive
`integer on one or two bytes; both the null value and
`the empty data object mean the maximum.
`
`('80‘,
`
`'81‘,
`
`Similarly,
`follows.
`
`the response APDU shall be encapsulated as
`
`— if there is a data field, the L, data bytes shall be
`carried
`ceither by a plain value data obiect
`‘BZ’,
`'BS', see table 19},
`0 or by a data obiect for confidentiality (from '84'
`‘87", see table 22).
`-— if needed, the response trailer shall be carried by a
`status information data object {‘99', see table 19); the
`empty data object means SW1 SW2 = '9000'.
`
`('80',
`
`‘8‘l'.
`
`to
`
`9
`Figure
`messages.
`
`shows
`
`the
`
`structures
`
`of
`
`secured APDU
`
`— Every new data field may carry additional SM data
`objects, e.g.. a cryptographic checksum {‘SE‘} at the
`end. Annex F provides illustrative examples.
`—The new Lc field gives the length of the new data
`field of the secured command APDU.
`
`— The new Le field shall be empty when no data field
`is
`expected
`in
`the
`secured
`response APDU;
`otherwise, it shall contain only zeroes.
`«The new response trailer codes the status of the
`receiving entity after processing the secured com-
`mand.
`lt may be encapsulated for protection.
`Command header
`Command bod
`[New Lc field}
`l [New data field] =
`[T Lc Data bytes] lT ‘Ol'or‘OZ‘ Le} l
`[New Le field]
`
`
`
`CLA' lNS P1 P2
`(four bytes)
`
`Response body
`{New data field] =
`{T Lr Data bytes} [T '02' New SW1 SW21
`
`Res - nse trailer
`New SW1 SW2
`(two bytes)
`
`Figure 9 — Structures of secured APDU messages
`
`NOTES
`
`The lengths from 1 to 127 are coded in the same way in BER-TLV
`1
`length fields as in APDU length fields. The codings differ for 128 and
`more.
`
`As stated above, further or other SM data objects may be
`2
`present In the new data fields.
`3 When securing messages, it is not always apparent whether the
`data to be protected have a BER-TLV structure. Then the tags ‘80'. '81',
`‘86“ and '87’ are recommended.
`
`COPYRIGHT 2000 International Organization for Standardization
`March 03, 2000
`11:21:01
`
`Information HandIing Services,
`
`Apple Ex. 1030, p. 11
`Apple Ex. 1030, p. 11
` Apple v. Fintiv
`Apple v. Fintiv
`|PR2020—00019
` IPR2020-00019
`
`

`

`STILISO 7&lb-R-ENGL LEWIS - HBSIHBB 3733533 Mal: -
`
`© ISO/IEO
`
`ISOII EC 781 6-4:1 995lAmd.1 :1 997(E}
`
`Replace the existing annex F (two pages} by the following revision (three pages).
`
`Annex F
`
`(informative)
`
`Use of secure messaging
`
`F.1 Abbreviations
`
`— Case 1.a — Status not to be protected
`
`the following abbrevie
`
`For the purposes of this annex,
`tions apply.
`CC cryptographic checksum
`CG cryptogram
`CH command header (CLA INS P1 P2)
`CR control reference
`FR file reference
`KR
`key reference
`L
`length
`LE
`value of Le in the unsecured command (one or two
`bytes coding an unsigned positive integer; the null
`value means the maximum)
`padding bytes (‘80' followed by O to k-1 times ‘00'
`where k is the block length)
`padding indicator byte
`Pl
`plain value
`Pv’
`RD response descriptor
`T
`tag
`ll
`concatenation
`
`PB
`
`F.2 Cryptographic checksum
`According to 5.7,
`the use of cryptographic checksums
`(see 5.6.3.1) is shown for the four cases defined in table
`4 and figure 4.
`in the examples, the value of LCC is four.
`CLA“ indicates the use of secure messaging, Le, the bit
`D4 is equal to ‘l
`in CLA which is equal to ‘0X',
`'8X’, ’9X‘ or
`'AX' according to table 9.
`
`— Case 1 — No data, no data
`
`The unsecured command-response pair is as follows.
`Command header
`Command body
`
`The secured command APDU is as follows.
`Command header
`Command body
`CLA’
`INS P1 P2
`New Lcfield (one byte = '06') ll
`New data field
`(six bytes)
`
`New data field = One data object =
`ch ll Lcc ll CC
`
`Data covered by CC (133:1 in CLA‘) = One block =
`CH ll PB
`
`The secured response APDU is as follows
`Response bod
`
`Res. nee trailer
`New 5m swz
`
`— Case 1.b — Status to be protected
`
`The secured command APDU is as follows.
`Command header
`Command body
`New LC field (one byte =‘06’) ll
`New data field
`{six bytes)
`New Le held
`(one byte : ’00’)
`
`ll
`
`CLA‘ lNS P1 P2
`
`New data field = One data object =
`To: ll LCC ll CC
`
`Data covered by CC (b3=1 in CLA’) = One block =
`CH ll PB
`
`The secured response APDU is as follows.
`Response body
`New data field
`
`Response trailer
`New SW1 SW2
`
`New data field = Two data obiects =
`Tsw (131:1) ll st ll SW (= New SW1 SW2) ll
`ch ll LCC ll CC
`
`Response body
`
`Response trailer
`sww SW2
`
`Data covered by CC = One block =
`Tsw "31:1, ll st ll SW M PB
`
`COPYRIGHT 2000 International Organization for Standardization
`March 03, 2000
`1:21:01
`
`Information Handling Serv1ces,
`
`Apple Ex. 1030, p. 12
`Apple Ex. 1030, p. 12
` Apple v. Fintiv
`Apple v. Fintiv
`|PR2020—00019
` IPR2020-00019
`
`

`

`STD-ISO 7BLE-H-EN6L 1:335 - HBSL‘IUB U?33l:E'-l UTE -
`
`ISOI'IEC 781 6-4:1995lAmd.1 :1 997(E)
`
`© lSO/lEC
`
`— Case 2 — No data. data
`
`The secured response APDU is as follows.
`Response body
`Empty
`
`Response trailer
`New SW1 SW2
`
`The unsecured command—response pair is as follows.
`Command header
`Command body
`CLA INS P1 P2
`Lefield
`Response body
`Data field
`
`Res-onse trailer
`SW1 SW2
`
`pl The secured command APDU is as follows.
`
`— Case 3.b — Status to be
`
`retested
`
`The secured command APDU is as follows.
`Command header
`body
`CLA‘
`INS P1 P2
`New Lc field ll New data field ll
`New Le field (one or two bytes — ‘OO'l
`
`New data field : Two data objects :
`TLE (b1=1) ll LLE ll LE ll
`
`ch " Lcc " CC
`Data covered by CC =
`0 One block if [33:0 in CLA* =
`TLE (bl=1l ll LLE ll LE ll PB
`0 Two blocks if b3=1 m CLA* =
`CH ll P8 n
`TLE (131:1) ll LLE |I LE 11 PB
`
`The secured response APDU is as follows.
`
`New data field = Three data obiects =
`Tpv (b1=1) ll va ll PV ll
`%:V‘EI(E:C_J )CHCLSW ll SW (_ New SW1 SW2] H
`Data covered by CC = One or more blocks =
`TPV (bl=l) ll va ll PV ll [TSW (b1=l) ll st ll SW1 ll PB
`
`— Case 3 — Data. no data
`
`The unsecured command-response pair is as follows.
`Command header
`Command body
`CLA INS P1 P2
`l.c field
`ll Data field
`
`Response bodv
`Empty
`
`Response “"3"”
`SW1 SW2
`
`—— Case 3.a — Status not to be protected
`
`The secure‘j command APDU '5 as fo'lows‘
`Command header
`Command body
`cw P1 P2
`
`New data field = Two data objects =
`TW (b1=ll u LW ll Pv ll
`Tee ll Lcc ll CC
`
`4
`_
`Data COVEVEd by CC =
`. One or more b‘OCkS If b3=0 In CLA* =
`TPv lb1=1l II LW ll PV n PB
`. Two or more blocks if b3=1 in CLA“ =
`CH ll PB ll
`Tpvlb1=ll ” Lw H W N PB
`
`Command header
`CLA" INS P1 P2
`
`Command body
`i:
`New LC field
`ll New datafield
`New l.e field (one or two bytes = '00')
`
`New data field = Two data objects =
`TW lb1=1) ll va ll PV ll
`ch ll Lu; ll CC
`
`Data covered by CC =
`. One or more blocks if b3=0 in CLA* =
`TPV (blzl) ll LFV ll PV 1! PB
`* Two or more blocks if b3=l in CLA‘ =
`CH ll PB ll
`TE“, (b1=1) 1| LW 11 PV H FB
`
`The secured response APDU is as follows.
`Response body
`
`Response [raner
`
`.
`.
`New data field = Two data objects =
`Tsw {ma} ll Law II SW (= New SW1 SW2) ll
`ch ll LCC ll CC
`Date covered by CC = One block =
`TSW (131:1; 11 st 11 SW ll PB
`
`-- Case 4 —- Data, data
`
`The unsecured command-response pair is as follows
`Command header
`Command bod
`
`Lc field ll Data field ll Lefield
`CLA lNS P1 P2
`Res . onse body
`Response trailer
`Data field
`SW1 SW2
`
`The secured command APDU is as follows.
`Command header
`Command body
`
`CLA* INS P1 P2
`
`11
`11 New data field
`New Lc field
`New Le field (one or two bytes = '00“)
`
`New data field = Three data objects =
`TPV (b1=1) ll LW |l PV II
`TLE lb1=1> 11
`l.LIE 11 LE 11
`ch ll LCC ll CC
`
`Data covered by CC =
`0 One or more blocks [f [33:0 in CLA“ :
`TPV (131:1) 1| LW ll PV 11 TLE (131:1) 11 LLE 11 LE ll PB
`0 Two or more blocks if b3=1 in CLA* =
`CH ll PB ll
`TPV lb1=1) 1| LW 11 PV u TLE (131:1) ll LE 11 LE 11 PB
`
`4
`
`COPYRIGHT 2000 International Organization for Standardization
`March 03, 2000
`11:21:01
`
`Information Handling Services,
`
`Apple Ex. 1030, p. 13
`Apple Ex. 1030, p. 13
` Apple v. Fintiv
`Apple v. Fintiv
`|PR2020-00019
` IPR2020-00019
`
`

`

`STD-ISO ?Blb-H-ENGL 1:195 - ”551903 l]?33|=E'S T33 -
`
`© lSO/lEC
`
`ISO/IEO 7'81 64:1 995]Amd.1 :1 997(E)
`
`The secured response APDU is as follows.
`Re onse bod
`New data field
`
`Re a - rise trailer
`New SW1 SW2
`
`New data field = Three data objects =
`Tpv(b1=1, ll vall PV ll
`l‘rsw ib1=1i u stn sw (= New swx swan n
`ch n LCC ll cc
`
`F.4 Control references
`
`The use of control references (see 5.65.1) is shown,
`
`Command data field =
`TCR ll
`i.CR ll CR
`where CR = TFR ll L5,; ll FR ll Tm ll LKR ll KR
`
`Data covered by CC = One or more blocks =
`Tpv (b1=1) ll Lev ll PV ll [Tsw lb‘l =1) ll st ll SW! ll PB
`
`F.5 Response descriptor
`
`F.3 Cryptograms
`
`The use of cryptograms with and without padding (see
`5.8.4) is shown in data fields (command APDU as well as
`response APDU). Instead of the plain value data objects
`in the previous examples. data objects for confidentiality
`shall be used as follows.
`
`— Case a — Plain data not coded in BER-TLV
`
`Data field =
`Tplce ll LP, CG ii Pl u CG
`
`Data carried by CC: = One or more blocks =
`Non BER-TLV coded data
`and padding bytes according to Pl
`
`— Case b — Plain data coded in BER-TLV
`
`Data field =
`TCG ll LCG u CG
`
`Data carried by CG = String of concealed bytes =
`BER—TLV data objects (padding depending on the
`algorithm and its mode of operation)
`
`The use of response descriptors (see 5.6.5.2) is shown.
`
`Command data field =
`Tao ll Lao ll RD
`where RD = Tpv ll
`
`'00’ ll Tc: ll ’00’
`
`Response data field =
`Tpv ll LPV ll PV ll ch ll Lcc I! CC
`
`F.6 ENVELOPE command
`
`The use of the ENVELOPE command (see 7.2) is shown.
`
`Command data field =
`TP‘ ca ll LPICS ll Pl ll CG
`Data carried by CG =
`Command APDU (starting by CH)
`and padding bytes according to Pl
`
`Response data field =
`Tm 0; ll LPr cc II Pl l3 CG
`Data carried by CG =
`Response APDU
`and padding bytes according to Pl
`
`COPYRIGHT 2000 International Organization for Standardization
`March 03, 2000
`1:21:01
`
`Information Handling SerVices,
`
`Apple Ex. 1030, p. 14
`Apple Ex. 1030, p. 14
` Apple v. Fintiv
`Apple v. Fintiv
`|PR2020—00019
` IPR2020-00019
`
`

`

`STD-ISO T’Ellla-H-ENGL l‘I‘iS - ”551303 [1733585 I=|75 -
`
`
`
`ISOIIEC 781 6-4:1 995/Amd.1 :1 997(E)
`
`© ISOIIEC
`
`m I
`
`CS 35.240.15
`Descriptors: data processing.
`Price based on 5 pages
`W
`
`information interchange.
`
`identification cards,
`
`iC cards, messages, security techniques, authentication.
`
`COPYRIGHT 2000 International Organization for Standardization
`March 03, 2000
`11:21:01
`
`Information Handling Services,
`
`Apple Ex. 1030, p. 15
`Apple Ex. 1030, p. 15
` Apple v. Fintiv
`Apple v. Fintiv
`|PR2020—00019
` IPR2020-00019
`
`

`

`- HBSL‘HBB Elk-251382 TUB -
`
`INTERNATIONAL
`STANDARD
`
`ISO/IEC
`7816-4
`
`First edition
`19950901
`
`
`
`Information technology — Identification
`cards — Integrated circuifls) cards with
`contacts —
`
`Part 4:
`
`Interindustry commands for interchange
`
`Tee/meiogies de l'information — Canes d’identification — Games a
`Circuifls} intégré(s) a conlacts —
`
`Partfe 4: Commandes Ihtersectoriefles pour {es échanges
`
`
`
`
`
`IEC
`.
`
`Reference number
`ISO/IEC 7816-4:1995(E>
`
`
`COPYRIGHT 2000 International Organization for Standardization
`Information Handling Services,
`11:21:01
`March 03 , 2000
`
`Apple Ex. 1030, p. 16
`Apple Ex. 1030, p. 16
` Apple v. Fintiv
`Apple v. Fintiv
`|PR2020-00019
` IPR2020-00019
`
`

`

`
`
`- HBSL‘IDB BEEBUBB ”Mil -
`
`lSO/IEC 7816-4: 1995 (E)
`
`contents
`
`Page
`
`Foreword ..........................................................................................................
`
`introduction ..........................................................