`
`
`
`
`
`
`
`
`
`
`
`
`Common Electronic Purse Specifications
`
`Technical Specification
`
`
`
`Version 2.3
`
`March 2001
`
`
`
`Copyright CEPSCO 1999, 2000, 2001
`All rights reserved
`
`IPR2022-00412
`Apple EX1009 Page 1
`
`
`
`ii
`
`
`
`March 2001
`CEPS Technical Specification version 2.3
`TABLE OF CONTENTS
`
`1. REVISION LOG ................................................................................................................................. 1
`
`2. DOCUMENT OVERVIEW................................................................................................................ 8
`2.1
`PURPOSE ........................................................................................................................................... 8
`2.2
`INTENDED AUDIENCE ........................................................................................................................ 9
`2.3
`INCLUDED IN THIS DOCUMENT ........................................................................................................ 10
`2.4
`NOT INCLUDED IN THIS DOCUMENT ................................................................................................ 10
`2.5
`REFERENCE INFORMATION.............................................................................................................. 10
`2.5.1
`Requirement Numbering............................................................................................................ 10
`2.5.2
`References.................................................................................................................................. 11
`2.5.3 Notational Conventions ............................................................................................................. 12
`2.6
`DOCUMENT ORGANIZATION ............................................................................................................ 14
`3.
`ENTITY OVERVIEW ...................................................................................................................... 16
`3.1
`MERCHANT ACQUIRER.................................................................................................................... 16
`3.1.1
`PSAM Creators.......................................................................................................................... 17
`3.2
`LOAD ACQUIRER ............................................................................................................................. 17
`3.3
`CARD ISSUER .................................................................................................................................. 20
`3.4
`FUNDS ISSUER................................................................................................................................. 21
`3.5
`PROCESSOR ..................................................................................................................................... 21
`3.6
`SCHEME PROVIDER ......................................................................................................................... 22
`3.6.1
`Processor for the Scheme Provider ........................................................................................... 22
`3.6.2 Certification Authority............................................................................................................... 23
`POS DEVICE TRANSACTION OVERVIEW............................................................................... 24
`4.
`PURCHASE....................................................................................................................................... 24
`4.1
`CANCEL LAST PURCHASE................................................................................................................ 25
`4.2
`LOAD DEVICE TRANSACTION OVERVIEW ........................................................................... 26
`5.
`LOAD............................................................................................................................................... 26
`5.1
`CURRENCY EXCHANGE ................................................................................................................... 27
`5.2
`6. CERTIFICATES AND SIGNATURES........................................................................................... 28
`6.1
`RETRIEVAL OF CERTIFICATES FROM THE CEP CARD........................................................................ 28
`6.2
`PROCESSING CERTIFICATES FROM THE POS DEVICE ....................................................................... 31
`6.3
`VERIFYING CERTIFICATES ............................................................................................................... 32
`6.3.2
`The CEP Card Certificate Hierarchy ........................................................................................ 33
`6.3.3
`The PSAM Certificate Hierarchy............................................................................................... 37
`6.4
`DYNAMIC SIGNATURE VERIFICATION.............................................................................................. 41
`6.5
`CRYPTOGRAPHIC MECHANISMS ...................................................................................................... 41
`6.6
`UNLINKED LOAD SECURITY FLOW .................................................................................................. 43
`6.7
`SECURITY FLOW FOR POS DEVICE VALIDATION OF CEP CARDS .................................................... 44
`7.
`SCHEME PROVIDER PROCEDURES ......................................................................................... 48
`7.1
`OPERATING RULES AND REGULATIONS ........................................................................................... 48
`7.2
`CERTIFICATION................................................................................................................................ 49
`7.3
`CERTIFICATION AUTHORITY MANAGEMENT.................................................................................... 50
`7.4
`RISK MANAGEMENT........................................................................................................................ 51
`7.5
`OPERATING RULES .......................................................................................................................... 53
`
`IPR2022-00412
`Apple EX1009 Page 2
`
`
`
`March 2001
`CEPS Technical Specification version 2.3
`
`iii
`
`AGGREGATION PARAMETERS .......................................................................................................... 54
`7.6
`DISPUTE MANAGEMENT .................................................................................................................. 55
`7.7
`TRANSACTION FLOWS ..................................................................................................................... 55
`7.8
`8. CEP CARD REQUIREMENTS....................................................................................................... 56
`8.1
`COMPATIBILITY ............................................................................................................................... 56
`8.2
`MULTIPLE CURRENCIES................................................................................................................... 56
`8.3
`INTERFACE TO TERMINALS.............................................................................................................. 57
`8.3.2
`Load Devices ............................................................................................................................. 57
`8.3.3
`POS Devices .............................................................................................................................. 57
`8.3.4 Monitoring Devices ................................................................................................................... 57
`8.3.5
`Personalization Devices ............................................................................................................ 57
`8.4
`GENERAL STATUS CONDITIONS ....................................................................................................... 58
`8.5
`TRANSACTION PREPARATION........................................................................................................... 59
`8.5.1 Message Flow ............................................................................................................................ 60
`8.5.2
`Reset .......................................................................................................................................... 60
`8.5.3
`Application Selection................................................................................................................. 60
`8.6
`ISO/IEC COMMANDS...................................................................................................................... 60
`8.6.1
`Select.......................................................................................................................................... 61
`8.6.2
`Read Record .............................................................................................................................. 62
`8.7
`NON-TRANSACTION COMMANDS..................................................................................................... 64
`8.7.1 CEP Inquiry - Slot Information ................................................................................................. 64
`8.7.2 CEP Inquiry - Reference Currency............................................................................................ 67
`8.7.3 CEP Inquiry - Transaction Logs................................................................................................ 69
`8.7.4
`Implementation Specific Inquiries ............................................................................................. 74
`8.7.5 Get Previous Signature.............................................................................................................. 74
`POS DEVICE CHARACTERISTICS ............................................................................................. 77
`9.
`OVERVIEW OF A POS DEVICE ......................................................................................................... 77
`9.1
`REQUIREMENTS............................................................................................................................... 78
`9.2
`Scheme Specific Data ................................................................................................................ 78
`9.2.1
`9.2.2 Compliance with Standards....................................................................................................... 78
`9.2.3 Card Acceptance........................................................................................................................ 79
`9.2.4 Card Reader .............................................................................................................................. 79
`9.2.5 Display and Cardholder Interface Design................................................................................. 79
`9.2.6
`Split Transaction Processing..................................................................................................... 80
`9.2.7
`Power Failure............................................................................................................................ 81
`9.2.8 Data Store Requirements........................................................................................................... 81
`9.2.9
`Batch Management .................................................................................................................... 85
`9.2.10
`PSAM Hardware and Software Requirements...................................................................... 86
`10.
`POS DEVICE TRANSACTION PROCESSING....................................................................... 89
`10.1
`PURCHASE TRANSACTION ............................................................................................................... 89
`10.1.1
`Initiate Transaction............................................................................................................... 92
`10.1.2
`Recovery of the CEP Card Public Key ................................................................................. 95
`10.1.3
`Recovery of the PSAM Public Key........................................................................................ 97
`10.1.4
`Debit CEP Card.................................................................................................................. 100
`10.1.5
`Incremental Purchase Processing ...................................................................................... 110
`10.1.6
`Purchase Reversal Processing............................................................................................ 115
`10.1.7
`Complete Transaction......................................................................................................... 117
`10.1.8
`Exception Processing.......................................................................................................... 124
`10.2
`CANCEL LAST PURCHASE TRANSACTION ...................................................................................... 128
`10.2.1
`Initiate Transaction............................................................................................................. 129
`10.2.2
`Credit CEP Card................................................................................................................. 132
`10.2.3
`Exception Processing.......................................................................................................... 137
`
`IPR2022-00412
`Apple EX1009 Page 3
`
`
`
`iv
`
`March 2001
`CEPS Technical Specification version 2.3
`MERCHANT ACQUIRER PROCESSING ............................................................................. 138
`11.
`TRANSACTION PROCESSING .......................................................................................................... 138
`11.1
`11.1.1
`Validating Collected Batches.............................................................................................. 139
`11.1.2
`Creating Issuer Batches...................................................................................................... 142
`11.2
`TRUNCATION................................................................................................................................. 145
`11.3
`POS DEVICE MANAGEMENT ......................................................................................................... 145
`12.
`LOAD DEVICE CHARACTERISTICS................................................................................... 148
`12.1
`OVERVIEW OF A LOAD DEVICE...................................................................................................... 148
`12.2
`REQUIREMENTS............................................................................................................................. 149
`12.2.1
`Support for Multiple Schemes and Currencies ................................................................... 149
`12.2.2
`Compliance with Standards ................................................................................................ 149
`12.2.3
`Card Acceptance................................................................................................................. 150
`12.2.4
`Card Reader........................................................................................................................ 150
`12.2.5
`Display and Cardholder Interface Design.......................................................................... 151
`12.2.6
`Financial PIN Security ....................................................................................................... 152
`12.2.7
`Date and Time Processing .................................................................................................. 155
`12.2.8
`Power Failure ..................................................................................................................... 155
`13.
`LOAD ACQUIRER PROCESSING - LOAD TRANSACTIONS .......................................... 156
`13.1
`NORMAL PROCESSING................................................................................................................... 158
`13.1.1
`Initiate Transaction............................................................................................................. 158
`13.1.2
`Communicate with Card Issuer........................................................................................... 166
`13.1.3
`Communicate with Funds Issuer......................................................................................... 168
`13.1.4
`Credit CEP Card................................................................................................................. 169
`13.1.5
`Notification to Cardholder.................................................................................................. 173
`13.2
`EXCEPTION PROCESSING ............................................................................................................... 174
`13.2.1
`Linked Load ........................................................................................................................ 174
`13.2.2
`Unlinked Load .................................................................................................................... 178
`13.2.3
`Transaction Completion Messages ..................................................................................... 187
`13.3
`ADDITIONAL REQUIREMENTS FOR UNLINKED LOADS.................................................................... 188
`13.3.1
`Processing Requirements.................................................................................................... 188
`13.3.2
`LSAM Hardware and Software Requirements .................................................................... 189
`14.
`LOAD ACQUIRER PROCESSING - CURRENCY EXCHANGE TRANSACTION ......... 191
`14.1
`NORMAL PROCESSING................................................................................................................... 192
`14.1.1
`Initiate Transaction............................................................................................................. 192
`14.1.2
`Communicate with Card Issuer........................................................................................... 196
`14.1.3
`Exchange Currencies on CEP card .................................................................................... 198
`14.1.4
`Notification to Cardholder.................................................................................................. 200
`14.2
`EXCEPTION PROCESSING ............................................................................................................... 201
`14.2.1
`Exception Conditions.......................................................................................................... 201
`14.2.2
`Transaction Completion Messages ..................................................................................... 205
`15.
`FUNDS ISSUER PROCESSING............................................................................................... 207
`15.1
`UNLINKED LOAD TRANSACTIONS.................................................................................................. 207
`15.1.1
`Normal Processing.............................................................................................................. 207
`15.1.2
`Exception Processing.......................................................................................................... 207
`16.
`CARD ISSUER PROCESSING ................................................................................................ 208
`16.1
`ADMINISTRATIVE PROCESSING...................................................................................................... 208
`16.1.1
`Card Management .............................................................................................................. 208
`16.1.2
`Key Management ................................................................................................................ 209
`16.2
`LOAD TRANSACTIONS ................................................................................................................... 210
`
`IPR2022-00412
`Apple EX1009 Page 4
`
`
`
`March 2001
`CEPS Technical Specification version 2.3
`
`v
`
`Normal Processing.............................................................................................................. 210
`16.2.1
`Exception Processing.......................................................................................................... 214
`16.2.2
`16.3
`CURRENCY EXCHANGE TRANSACTIONS ........................................................................................ 215
`16.3.1
`Normal Processing.............................................................................................................. 216
`16.3.2
`Exception Processing.......................................................................................................... 219
`16.4
`POS TRANSACTIONS ..................................................................................................................... 219
`17.
`PROCESSING NODE TRANSFERS ....................................................................................... 224
`17.1
`TRANSACTIONS ORIGINATING AT POS DEVICES ........................................................................... 224
`17.2
`TRANSACTIONS ORIGINATING AT LOAD DEVICES.......................................................................... 224
`18.
`DATA ELEMENTS.................................................................................................................... 226
`18.1
`LIST OF DATA ELEMENTS ............................................................................................................... 226
`18.1.1
`ACCTYPE (Source Funds Account Type) ........................................................................... 227
`18.1.2
`ADL (Application Data Locator) ........................................................................................ 227
`18.1.3
`AID (Application Identifier for a CEP)............................................................................... 228
`18.1.4
`ALGLSAM (LSAM Algorithm for Unlinked Loads) ............................................................... 229
`18.1.5
`ALGH (Hash Algorithm code)............................................................................................ 229
`18.1.6
`ALGP (Cryptographic Algorithm Used with Public Keys) ................................................. 229
`18.1.7
`AMCEP (Authentication Method)......................................................................................... 230
`18.1.8
`APCEP (Application Profile of a CEP Card)........................................................................ 231
`18.1.9
`AT (Authentication Token).................................................................................................. 232
`18.1.10
`AVNCEP (Application version number) ............................................................................... 232
`18.1.11
`BAL (Balance of a CEP card slot) ...................................................................................... 233
`18.1.12
`BALmax (Maximum Balance of a CEP slot)....................................................................... 233
`18.1.13
`BALmaxISS (Advisory Maximum Balance)........................................................................... 233
`18.1.14
`CALPHA (Alpha Code of a Currency)................................................................................ 233
`18.1.15
`CCACQ (Completion Code from Merchant Acquirer) .......................................................... 234
`18.1.16
`CCCEP (Completion Code of a CEP Command).................................................................. 234
`18.1.17
`CCISS (Completion Code from a Card Issuer)..................................................................... 234
`18.1.18
`CCLACQ (Completion Code from a Load Acquirer) ............................................................. 235
`18.1.19
`CCPDA (Completion Code from a POS Device)................................................................... 235
`18.1.20
`CCTRX (Completion Code of a transaction)......................................................................... 235
`18.1.21
`CED (Certificate Expiration Date) ..................................................................................... 236
`18.1.22
`CNTRY (Country)................................................................................................................ 236
`18.1.23
`CPOCEP (Card Purchase Options) ...................................................................................... 236
`18.1.24
`CSN (Certificate Serial Number) ........................................................................................ 236
`18.1.25
`CURR (Currency ) .............................................................................................................. 237
`18.1.26
`CURRC (Currency Code) ................................................................................................... 237
`18.1.27
`CURRE (Currency Exponent)............................................................................................. 237
`18.1.28
`DD (Discretionary Data) .................................................................................................... 237
`18.1.29
`DEXP (Expiration Date for Transaction) ........................................................................... 237
`18.1.30
`DOM (Domain)................................................................................................................... 237
`18.1.31
`DS (Digital Signature) ........................................................................................................ 238
`18.1.32
`DTHR (Transaction Date and Time).................................................................................. 238
`18.1.33
`DTRM (Transmission Date)............................................................................................... 238
`18.1.34
`E6 (Encrypted S6) ................................................................................................................ 238
`18.1.35
`E6‘ (Encrypted S6’).............................................................................................................. 238
`18.1.36
`HCEP (Hash Generated by CEP Card)................................................................................. 238
`18.1.37
`HLSAM (Hash Generated by LSAM)...................................................................................... 239
`18.1.38
`H2LSAM (Hash Generated by LSAM).................................................................................... 239
`18.1.39
`IDACQ (Identifier for a Merchant Acquirer) ........................................................................ 239
`18.1.40
`IDBATCH (Identifier for a POS Transaction Batch) .............................................................. 239
`18.1.41
`IDCEP (Serial Number of a CEP Card)................................................................................ 239
`18.1.42
`IDISS (Card Issuer BIN)....................................................................................................... 240
`
`IPR2022-00412
`Apple EX1009 Page 5
`
`
`
`vi
`
`March 2001
`CEPS Technical Specification version 2.3
`IDLACQ (Identifier for a Load Acquirer) .............................................................................. 240
`18.1.43
`IDLDA (Identifier for a Load Device) ................................................................................... 240
`18.1.44
`IDPSAM (Identifier for a PSAM) ........................................................................................... 240
`18.1.45
`IDPSAMCREATOR (Identifier for the Creator of a PSAM)......................................................... 240
`18.1.46
`IDREG (Identifier for a Region)............................................................................................ 240
`18.1.47
`IDSCHEME (Identifier for a Brand or Scheme)....................................................................... 241
`18.1.48
`L (Length of CEPS Data or CEPS DD field) ...................................................................... 241
`18.1.49
`LAGGTOT (Length of Aggregated Totals Data)...................................................................... 241
`18.1.50
`LAT (Length of Authentication Token Data) ........................................................................ 241
`18.1.51
`LEN (Length) ...................................................................................................................... 242
`18.1.52
`LOCPDA (Location Description) .......................................................................................... 242
`18.1.53
`LPKM (Length of Public Key Modulus).............................................................................. 242
`18.1.54
`18.1.55 MLDA (Load Device Transaction Amount)........................................................................... 243
`18.1.56 MmaxISS (Advisory Maximum Exchange Amount) .............................................................. 243
`18.1.57 MPDA (POS Device Transaction Amount)............................................................................ 243
`18.1.58 MACLSAM (LSAM Transaction MAC)................................................................................... 243
`18.1.59 MTOT (Total Transaction Amount) .................................................................................... 243
`18.1.60 MTOTAGG (Issuer Total Aggregation Amount).................................................................... 244
`18.1.61 MTOTBATCH (Batch Total Transaction Amount).................................................................. 244
`18.1.62 MTOTmaxCURR (Maximum Purchase Transaction Amount) ............................................... 244
`18.1.63
`NTAGG (Number of Transactions Aggregated ).................................................................... 244
`18.1.64
`NTBATCH (Number of Transactions in a Batch ) ................................................................... 244
`18.1.65
`NTCEP (Transaction Number for a CEP Card ) ................................................................... 244
`18.1.66
`NTLASTCANCEL (Transaction Number of the Last Successful Cancel Last Purchase
`Transaction)........................................................................................................................................... 244
`18.1.67
`NTLASTLOAD (Transaction Number of the Last Successful Load Transaction) ..................... 245
`18.1.68
`NTPCT (Transaction Percentage) ......................................................................................... 245
`18.1.69
`NTPSAM (Transaction Number of the PSAM ) ...................................................................... 245
`18.1.70
`PDATA (Proprietary Implementation Data)....................................................................... 245
`18.1.71
`PKCA,ACQ (CA Public Key for Recovering PSAM Public Keys) .......................................... 245
`18.1.72
`PKCA,ISS (CA Public Key for Recovering CEP card Public Keys) ...................................... 245
`18.1.73
`PKISS (Issuer Public Key for Recovering CEP card Public Keys)...................................... 246
`18.1.74
`PKCACQ (Acquirer Public Key Certificate) ........................................................................ 246
`18.1.75
`PKCCEP (Card Public Key Certificate) .............................................................................. 246
`18.1.76
`PKCISS (Issuer Public Key Certificate)............................................................................... 246
`18.1.77
`PKCPSAM (PSAM Public Key Certificate) .......................................................................... 246
`18.1.78
`PKCREG,ACQ (Regional Public Key Certificate) .................................................................. 246
`18.1.79
`PKCREG,ISS (Regional Public Key Certificate) .................................................................... 246
`18.1.80
`PKMACQ (Acquirer Public Key Modulus)............................................................................ 247
`18.1.81
`PKMCA,ACQ (CA Public Key Modulus)................................................................................. 247
`18.1.8