
9 The Smart Card Terminal File System


Copyright © 2000-2002 KOBIL Systems GmbH. All rights reserved.

This manual may not be copied, or reproduced in any other way, without prior permission by KOBIL Systems GmbH. This applies equally to any part of the manual. Every effort has been made to guarantee the correctness of this manual. Nonetheless, KOBIL Systems GmbH assumes no warranty regarding its correctness or completeness. The serviceability and suitability for any specific purposes is not guaranteed. Information contained in this manual is subject to change without prior notification, with no legal claims arising out of this fact. Information that was unavailable until after this manual went into print may be found – where applicable – in the file README.TXT on the enclosed data medium.

For further information on KOBIL smart card terminals, technical assistance, and other KOBIL security products, see http://www.kobil.com/.

Version: 1.2
Date: December 3, 2002
Editor: hjr

All brand and product names identified here are trademarks or registered trademarks, the rights to which are held by their respective legal rights owners.

Published by KOBIL Systems GmbH
Copyright © 2000-2002

KOBIL Smart Card Terminal Manual

1 Contents

1 Contents
2 Abbreviations
3 General Information
4 Installation and Startup
    4.1 Items Included in the Package
    4.2 System Requirements
    4.3 Connecting to PC with Windows Operating System
        4.3.1 Product: KAAN Standard Plus USB / SecOVID Reader Plus USB
            Step 1: Installing the Driver
            Step 2: Shutting down the Computer
            Step 3: Connecting the Smart Card Terminal
            Step 4: Rebooting your Computer
            How to Insert the Smart card
            Function of the ‘C’ Button
        4.3.2 Product: KAAN Standard Plus serial / SecOVID Reader Plus serial
            Step 1: Installing the Drivers
            Step 2: Shutting down the Computer
            Step 3: Connecting the Smart card Terminal
            Step 4: Rebooting the Computer
            How to Insert the Smart card
            Function of the ‘C’ button
    4.4 Installing the Software
5 Security-relevant Functions
    5.1 Secure PIN Input
    5.2 Secure PIN Change
    5.3 SecOVID
        5.3.1 SecOVID Online Mode
        5.3.2 SecOVID Offline Mode
6 System Overview
7 The CT–API
    7.1 Functions
    7.2 CT_init
    7.3 CT_data
    7.4 CT_close
    7.5 General Return Codes of the CT-API Functions
    7.6 Using the CT-API: The Example of the Public Health Insurance Card
8 Tag Length Value (TLV) Representation
    8.1 Set-up of a TLV Field
    8.2 Coding Rules
    8.3 Coding the Tags
9 The Smart card Terminal File System
    9.1 File Control Information
    9.2 Directories
    9.3 Hierarchical Set-up
    9.4 HOST Configuration File
    9.5 HOST Status File
    9.6 CT Configuration File
    9.7 HOST / CT Configuration File
    9.8 HOST / CT Status File
    9.9 Freeze Configuration File
    9.10 Freeze Status File
    9.11 ICC Configuration File
    9.12 ICC Status File
10 Application Commands
    10.1 CT Application Commands
    10.2 Command Overview
    10.3 Status Bytes SW1 and SW2
    10.4 Erase Binary
    10.5 Verify
    10.6 Select File
    10.7 Read Binary
    10.8 Write Binary
    10.9 Reset
    10.10 Reset CT
    10.11 Request ICC
    10.12 Deactivate
    10.13 Eject ICC
    10.14 Get Status
    10.15 Input
    10.16 Output
    10.17 Perform Verification
    10.18 Modify Verification Data
    10.19 Reset 1
    10.20 Set Interface Parameter
    10.21 Freeze
    10.22 Wait Freeze
    10.23 ICC Application Commands
    10.24 Selecting Synchronous ICCs - (only KAAN Standard Plus)
    10.25 Commands for Selecting Synchronous ICCs - (only KAAN Standard Plus)
    10.26 File Types - (only KAAN Standard Plus)
    10.27 Handling the Public Health Insurance Card (only KAAN Standard Plus)

Change Management

Version and changes:
• V 1.2.1, MAY 5, 03: In section 10.14 Get Status, in the table of response DOs, the designations of the functional units in the functional unit data object have been corrected in the following manner: '01' = ICC1, '02' = ICC2, '40' = display, '50' = keyboard
• V 1.2, DEC 3, 02: Deployment area, replacing the battery
• V 1.1, NOV 21, 02: SecOVID online, synchronous protocols, TAGS table 9, image labels
• V 1.0, NOV 13, 02: Initial version

2 Abbreviations

API     Application Programming Interface
ATR     Answer to Reset
CLA     Class-Byte
CT      Smart Card Terminal
CTN     Card Terminal Number
CWT     Character Waiting Time
DAD     Device Address; here: Destination Address
DO      Data Object (also confer TLV)
GKAPI   GeldKarte Application Programming Interface (for German cash card type)
HTSI    Host Transport Service Interface
IA5     International Alphabet No. 5
ICC     Integrated Circuit Card
ID      Identification
INS     Instruction Byte
KSS     KAAN serial interface (Protocol, commands... etc.)
KVK     Kranken-Versicherten-Karte (German public health insurance card)
LED     Light Emitting Diode
P1      Parameter Byte 1
P2      Parameter Byte 2
PTS     Protocol Type Select
SAD     Source Address
SW1     Status Byte 1
SW2     Status Byte 2
TLV     Tag Length Value
USB     Universal Serial Bus

Table 1: Abbreviations

3 General Information

This manual describes the performance features, installation, operation, and programming of KOBIL smart card terminals KAAN Standard Plus and SecOVID Reader Plus.
Sections 6 through 10 serve exclusively as documentation of the programming interfaces. Important information is highlighted in bold type.

4 Installation and Startup

4.1 Items Included in the Package

Included in your KOBIL smart card terminal package are:
• KOBIL smart card terminal KAAN Standard Plus or SecOVID Reader Plus, respectively
• Data medium including manual, drivers and test applications
• Set of cables (either a serial cable or a USB cable)
• Device base station
• Quick guide for start-up

Image 1 shows the three security labels of the smart card terminal. Since the smart card terminal offers a variety of security-related functions, it is essential for the three decals displayed on the backside of the smart card terminal (“security labels”) to show that the housing has not been tampered with. Please make sure that none of the three security labels have been removed or destroyed. This is the only way to guarantee that the smart card terminal functions properly. The security labels protect you as a consumer against unauthorized manipulation of the hardware and/or software of the smart card terminal. Please be sure to read up on the security features of the smart card terminal under Section 5.

Image 1 also shows the function buttons of the smart card terminal (cancel/correct-, function-, and confirm buttons).

4.2 System Requirements

You will need a free COM port and a (sliding contact) PS/2 socket, or a USB port. Software drivers for MS Windows 9x / ME / NT / 2000 / XP as well as for Linux, Solaris, HP-UX and OS/2 are enclosed. Drivers for MS-DOS versions 5.0 and higher, as well as for MS Windows 3.1, can be obtained from KOBIL Systems upon request. You will find other drivers as well as updated versions on the internet at www.kobil.com.
Image 1: Arrangement of Buttons and Security Labels

4.3 Connecting to PC with Windows Operating System

The smart card terminal will be ready for operation as soon as it is connected to your PC. It requires no configuration. In order to enable your application to access the smart card terminal you need to install a driver. The subsequent sections will discuss the installation process in detail.

4.3.1 Product: KAAN Standard Plus USB / SecOVID Reader Plus USB

Note: Before connecting the KAAN Standard Plus / SecOVID Reader Plus you will have to install a driver!

Note for Windows NT users: Windows NT will not support the USB variation of the smart card terminal at present.

Step 1: Installing the Driver

Start your PC. The smart card terminal has not yet been connected. Insert the driver CD enclosed. The set-up should start automatically. In case it does not, use the Explorer to start the set-up manually.

Note: Please quit all running programs before starting the set-up, because the PC will automatically reboot once the set-up has been executed.

Step 2: Shutting down the Computer

Setup will now cause your computer to shut down. Please switch your computer off as soon as it has shut down.

Step 3: Connecting the Smart Card Terminal

There are two options for connecting the KAAN Standard Plus / SecOVID Reader Plus to your PC:

a) Use the USB cable enclosed to connect the base station of the smart card terminal to a free USB port of your PC (cf. Image 2). Afterwards, place the smart card terminal in the base station. When doing so, make sure that the triangular markings on the smart card terminal are exactly aligned with those of the base station (cf. Image 4 below).

Image 2

b) Use the USB cable enclosed to connect the smart card terminal directly to a free USB port at your PC (cf. Image 3).
Image 3

Note: If you are using a USB hub, please make sure that it is a so-called “powered hub” complete with its own power supply.

Step 4: Rebooting your Computer

Please switch your computer back on now. After the start of Windows the setup will resume automatically and conclude the installation.

Note: Under Windows 2000 and Windows XP it can happen that a warning message regarding the digital signature of the drivers is displayed. You may simply skip this warning message by clicking on “Continue Installation.”

How to Insert the Smart card:

Thanks to its card tray, the KAAN Standard Plus / SecOVID Reader Plus allows you to insert both smart cards of credit card size (ID-1 format) and smaller SIM cards (ID-000 format). Before inserting a “normal” smart card, please make sure that the tray has been removed from the device. Now insert the card with the chip (gold-colored) head-first into the smart card terminal (cf. Image 4).

Image 4

In order to insert a small-format SIM card, please remove the tray. The SIM card can only be placed in the tray in one position. Make sure when placing the card that the card contacts remain visible. Afterwards, reinsert the placed card into the device (cf. Image 5).

Image 5

Function of the ‘C’ Button

During the secure PIN input, or during PIN change via the keyboard of the KAAN Standard Plus / SecOVID Reader Plus, the ‘C’ button serves the purpose of deleting the digit last entered. Pressing the ‘C’ button before any digit has been entered, or after all entered digits have been deleted, will cause the entire process to abort.

4.3.2 Product: KAAN Standard Plus serial / SecOVID Reader Plus serial

Note: Before connecting the KAAN Standard Plus / SecOVID Reader Plus you will have to install the drivers!

Step 1: Installing the Drivers

Start your PC. The smart card terminal has not yet been connected.
Insert the driver CD enclosed. The set-up should start automatically. If it does not, use the Explorer to start the set-up manually.

Note: Please quit all running programs before starting the set-up, because the PC will automatically reboot once the set-up has been executed.

Step 2: Shutting down the Computer

The set-up will now shut down your computer. Please switch your computer off as soon as it has shut down.

Step 3: Connecting the Smart card Terminal

First of all, please make sure that your PC is switched off, otherwise you might damage the PS/2 port if the Reader is plugged in or out while the PC is up and running.

You have two options for connecting the smart card terminal to your PC:

a) Connect the base station of the smart card terminal to the serial interface (COM1 or COM2) of the PC (nine pin socket). The power is supplied through a PS/2 adapter which is looped in the PS/2 socket of keyboard or mouse, that is, the adapter is plugged directly into the PC and the keyboard or mouse into the adapter (cf. Image 6). Afterwards, place the smart card terminal in its base station. Make sure when doing so that the triangular markings are exactly aligned with those of the base station (cf. Image 8 below).

Image 6

b) Use the Y cable enclosed to connect the smart card terminal directly to the serial interface (COM1 or COM2) of the PC (nine pin socket). The power is supplied through a PS/2 adapter which is looped in the PS/2 socket of the keyboard or the mouse, that is, the adapter is plugged directly into the PC and the keyboard or mouse into the adapter (cf. Image 7).

Image 7

If your computer does not come with a PS/2 port, get an adapter at your electronics dealer’s.

Step 4: Rebooting the Computer

Please switch your computer back on now. After the Windows start the set-up will automatically resume and conclude the installation.
Note: Under Windows 2000 and Windows XP it may happen that a warning message regarding the digital signature of the drivers is displayed. You may simply skip this warning message by clicking on “Continue Installation.”

How to Insert the Smart card:

Thanks to its card tray, the KAAN Standard Plus / SecOVID Reader Plus allows you to insert both smart cards of credit card size (ID-1 format) and smaller SIM cards (ID-000 format). To insert a “normal” smart card, please make sure that the tray has been removed from the device. Then insert the card with the chip (gold-colored) head-first into the top of the smart card terminal (cf. Image 8).

Image 8

In order to insert a small-format SIM card, please remove the tray. The SIM card can only be placed in the tray in one position. Make sure when placing the card that the card contacts remain visible. Afterwards, reinsert the embedded card into the device (cf. Image 9).

Image 9

Function of the ‘C’ button

During the secure PIN input, or during PIN change via the keyboard of the KAAN Standard Plus / SecOVID Reader Plus, the ‘C’ button serves the purpose of deleting the digit last entered. Pressing the ‘C’ button before any digit has been entered, or after all entered digits have been deleted, will cause the entire process to abort.

4.4 Installing the Software

If you wish to install drivers, the new smart card terminal should not yet be connected. Insert the drivers CD enclosed. The set-up should start automatically. If it does not, please use your Explorer to start the file “setup.exe” manually on your data medium (diskette or CD-ROM). Select the software of your choice and follow the steps as displayed on the screen.

Note: Please quit all running programs before starting the driver set-up, because your PC will automatically reboot after executing the driver setup.

Updated versions of the driver software can be downloaded from www.kobil.com.
Optionally, you may install the files for software development on your workstation. You will need these files only if you intend to develop applications for accessing and using the smart card terminal. To this end you will have to install the corresponding header file CT_API.H and the corresponding import library and DLL into any directory.

5 Security-relevant Functions

The KOBIL smart card terminals KAAN Standard Plus and SecOVID Reader Plus are intended for deployment in the customer’s domestic sphere and at non-public work places. They are explicitly not intended for unsupervised public usage.

The smart card terminals come with several security-relevant functions designed to protect you as a user. From this perspective it is important for you to verify that the smart card terminal has not been subject to manipulation. Please see for yourself that none of the three security labels (Image 10: Security Label) has been removed or destroyed (Image 1: Arrangement of Buttons and Security Labels). This is the only way to guarantee that the smart card terminal is functioning properly.

The security labels are printed on a special film, making it impossible to remove a given label without destroying it. Another security feature is the special imprint. When exposed to UV light, the lettering “KOBIL” will become visible. The security labels are designed to protect you as customer against unauthorized manipulation of the hardware and/or software of the smart card terminal.

Image 10: Security Label

Before taking any security-relevant functions into operation, please make sure that your KOBIL smart card terminal is equipped with a firmware certified for the purpose. The respective firmware version is identified on the label on the back of the smart card terminal.
KOBIL Smart Card Terminal | Versions | Certification / Evaluation
SecOVID Reader Plus (footnote 1) | FW: 02101612 | ITSEC “E2-high,” confirmed in compliance with the German Signature Act (SigG)
KAAN Standard Plus | FW: 02101652 | ITSEC “E2-high,” confirmed in compliance with the German Signature Act (SigG)

Table 2: Certified Firmware Versions of KOBIL Smart card Terminals

Footnote 1: The SecOVID functionality of the SecOVID Reader Plus as described in Chapter 5.3 was not part of the ITSEC-Evaluation.

Replacing the batteries: In case the batteries of your SecOVID Reader Plus need to be replaced, you can request KOBIL Systems GmbH to take care of it against a charge. In the process, the batteries and the label on the battery compartment will be replaced. To this end, you will find a corresponding order form on our homepage http://www.kobil.com. Please note that the battery will only be replaced by KOBIL if all security labels are intact.

5.1 Secure PIN Input

The smart card terminal KAAN Standard Plus / SecOVID Reader Plus (in the online mode) supports the secure input of your smart card PINs. This application allows you, for instance, to enter the PIN (personal identification number) of your smart card – such as for smart cards compliant with the German Signature Act – directly at the smart card terminal. The advantage of doing so is that no virus or malicious software can intercept the PIN on your PC. Make sure when buying security-relevant software that it supports secure PIN input according to the MKT standard.

The character ‘P’ followed by a sequence of vertical bars in the lower half of the display will prompt you to enter your PIN. Whenever a digit is entered the next vertical bar (from left to right) will move into the upper half of the display.

Image 11: Sequence of Secure PIN Input

Image 11 shows the sequence of the secure PIN entry.
Secure PIN input is indicated when the letter ‘P’ is followed by a sequence of fourteen vertical bars in the lower half of the display (cf. Image 11).

Whenever you see the letter ‘P,’ followed by a sequence of fourteen vertical bars in the lower half of the display, you can safely enter your PIN through the keyboard of the smart card terminal. Never enter your PIN into the keyboard of the smart card terminal if your display shows a different message.

Always be sure to enter the PIN unobserved in order to prevent others from intercepting your PIN. To keep your PIN secret, it must not be shared with anyone, or noted on the smart card terminal or any other place.

You may correct your input by using the ‘C’ button. If necessary, you will have to confirm the input of the PIN with the confirmation button. To view the arrangement of the buttons, confer Image 1.

5.2 Secure PIN Change

The smart card terminal KAAN Standard Plus / SecOVID Reader Plus (in the online mode) supports the secure input of your smart card PINs. This application allows you, for instance, to enter the PIN of your smart card – such as for smart cards compliant with the German Signature Act – directly at the smart card terminal. The advantage here is that no virus or malicious software can intercept the PIN on your PC. Make sure when buying security-relevant software that it supports secure PIN changes according to the MKT standard.

Image 12 shows the procedure for secure PIN change. Like the previous procedure, the secure changing of your PIN is indicated by a ‘P’ followed by a sequence of fourteen vertical bars in the lower half of the display (cf. Image 12).

First, you will have to enter your old PIN into the keyboard of the smart card terminal (on display: a ‘P,’ followed by a sequence of fourteen vertical bars in the lower half of the display).
Next, enter your new PIN twice (on display: an ‘N’ plus a superscript ‘1’ during the first input, and an ‘N’ plus a superscript ‘2’ for the retyped input). If you enter your old PIN incorrectly, or if you fail to retype the new PIN correctly, the process will abort, and the PIN will remain unchanged.

The input can be corrected with the ‘C’ button. You may possibly have to confirm the PIN input with the confirmation button. To view the arrangement of buttons, please confer Image 1.

Whenever you see the letter ‘P’ (and subsequently an ‘N’ with a superscript ‘1’ or ‘2’), followed by a sequence of fourteen vertical bars in the lower half of the display, you can safely enter your PIN through the keyboard of the smart card terminal. Never enter your PIN through the keyboard of the smart card terminal if your display shows a different message.

Always be sure to enter the PIN unobserved in order to prevent others from intercepting your PIN. To keep your PIN secret, it must not be shared with anyone, or noted on the smart card terminal or any other place.

Image 12: Sequence of Secure PIN Change

5.3 SecOVID

The SecOVID Reader Plus supports the authentication system SecOVID made by KOBIL Systems. The following section describes the deployment of the smart card terminal in combination with this authentication system. If you are not using the SecOVID authentication system, you may skip this part. The SecOVID functionality of the smart card terminal is provided only in combination with a SecOVID authentication system.

There are two ways of generating SecOVID one-time passwords: in the online mode and in the offline mode. Your choice of mode to be used depends on the type of SecOVID system installed on your workstation. When in doubt, please contact your system administrator.
5.3.1 SecOVID Online Mode

This mode presupposes that a special application software is installed on your computer that will initiate the application SecOVID on your smart card terminal. As soon as a one-time password needs to be generated for a given authentication process, the display will show the character ‘P,’ prompting you to insert your SecOVID smart card and to enter your smart card PIN. Next, the secure PIN input (confer Section 0) is used to accept the PIN of your SecOVID smart card. If your SecOVID-secured application supports more than one generator, the proper generator will automatically be selected and will not need to be defined. The SecOVID one-time password will then be passed on to the application you called. No further input will be required from you.

The complete procedure is displayed in Image 13. There, you will also find possible error messages.

Image 13: SecOVID Online Sequence

5.3.2 SecOVID Offline Mode

In this mode, the smart card terminal can autonomously generate a SecOVID one-time password without having to be initiated by a special application software from your computer. If the smart card terminal is connected to your PC, SecOVID cannot be executed in the offline mode!

Since the SecOVID Reader Plus comes with a battery, it does not have to be connected to a PC in order to generate SecOVID one-time passwords. Once the SecOVID Reader Plus has been disconnected from the PC it is automatically in the offline mode. Next, the device will display a message of the kind shown in Image 14. As soon as a smart card is inserted, it will show the string ‘0P000000,’ thereby prompting you to enter your PIN. The ‘0’ preceding the ‘P’ indicates that the SecOVID generator ‘0’ has been selected. Use the key combination of “F” plus a digit button (for the number of the respective generator) to select another SecOVID generator, where applicable.
The default setting is always generator 0. Contact your system administrator to find out whether your system is using a generator, and if so, which one it is using. Use the confirmation button to start the calculation of the one-time password. Next, the smart card terminal will display the new one-time password that you can adopt for your SecOVID-secured application (retype into respective keyboard). Use the key combination of “F” and “C” to change the PIN of your SecOVID smart card. The cancel button will cause the SecOVID offline process to abort. For a graphic representation of the sequences in the offline mode confer Image 14.

Image 14: SecOVID Offline

6 System Overview

Thanks to the CPU integrated into the card terminal, one single driver suffices to address the most diverse smart card types. The protocol between smart card terminal and card is handled transparently, so that only the protocol for the PC input needs to be defined (KSS – confer Chapter 2 Abbreviations). A description of this protocol is available from KOBIL Systems upon request. Values deviating from the default settings of the transmission parameters can be set with the help of an application command (‘Select Parameter’) from the API.

Image 15: System Overview [2]

During operation you can switch back and forth among different types of smart cards, i.e. diverse applications can be operated with the same hardware. At present, smart cards using the following protocols are supported:

[2] Synchronous protocols are not supported by the SecOVID Reader Plus.

Protocol | Reference
T=0 | ISO 7816-3
T=1 | ISO 7816-3 Amd. 1
2 wire protocol [3] | Siemens data sheet SLE 4432 and SLE 4442
3 wire protocol [3] | Siemens data sheet SLE 4418 and SLE 4428
I2C Bus [3] | Philips data sheet PCF8582E-2
Telephone cards [3] | SLE 4401, SLE 4402, SLE 4403, SLE 4433

Table 3: Supported Protocols

The flexible addressing of the T=1 protocol allows you to address various components of the card reader with the same ISO 7814-4-structured commands.

Image 16: Addressing the Card Reader Components via the API

[3] Not supported by SecOVID Reader Plus.

7 The CT-API

The CT-API – being an application-independent Card Terminal Application Programming Interface for smart card applications – is subject to the copyrights held by the following authors, from whom further documentation and amendments can be obtained:

German Telekom AG / T-TeleSec
Fraunhofer Institute Sichere Telekooperation
TÜV Informationstechnik GmbH
TELETRUST Deutschland e.V.

The implementation for this smart card terminal is based on version 1.1, dated October 14, 1998. The CT-API is subsequently quoted in excerpts. A full version may be downloaded from the internet under the address http://www.ct-api.de. The software included in the package contains a CT-API driver in the form of a Windows DLL (for 32 bit). This must be linked with your own applications. The versions for Solaris, Linux, and other operating systems are also found on the enclosed CD.

7.1 Functions

The Card Terminal Application Programming Interface (CT-API) provides three functions used to communicate with the smart card terminal on the application layer.

CT-API Function | Significance
CT_init | Initializing the PC and smart card terminal interface
CT_data | Sending commands to the smart card terminal or to the smart card, respectively.
CT_close | Quitting the communication

Table 4: CT-API Functions

7.2 CT_init

Use this function to select the serial (or USB) interface, needed for communication purposes, to which the card reader is connected. The default settings for communication are automatically set. The CT_init function should be called during the start of each program. If an error occurs during the initialization of the interface, the function will return the value -1, otherwise the value 0.

Function:

    char CT_init(unsigned short ctn, unsigned short pn)

Parameters:

Parameter Name | Parameter Type | Significance
ctn | Input parameter | Logical card terminal number
pn | Input parameter | Interface (port number)

Table 5: Parameters for CT_init

For return codes, confer Table 9.

7.3 CT_data

This function sends card control or card reading application commands, and returns the response to the command to the calling program.

Function:

    char CT_data(unsigned short ctn, unsigned char *dad, unsigned char *sad,
                 unsigned short lenc, unsigned char *command,
                 unsigned short *lenr, unsigned char *response)

Parameters:

Parameter Name | Parameter Type | Significance
ctn | Input parameter | Card terminal number 0 - 255
dad | Input-output parameter | Destination address (confer Table 7)
sad | Input-output parameter | Source address (confer Table 7)
lenc | Input parameter | Length of command in bytes
command | Input parameter | CT control or application command
lenr | Input parameter | Length of the response in bytes
response | Input-output parameter | Response to the command

Table 6: Parameters for CT_data

Device Addresses (dad, sad):

Address Value | Device
0 | ICC (smart card)
1 | CT (smart card terminal)
2 | HOST (PC)
3 | ICC 2 (second smart card) (not implemented)
4 | Security module (not implemented)
5 | REMOTE HOST (not implemented)

Table 7: dad / sad Device Addresses

For return codes, confer Table 9.
7.4 CT_close

This function will terminate the communication with the card reader and release the interface. It must be called when quitting the program.

Function:

    char CT_close(unsigned short ctn)

Parameters:

Parameter Name | Parameter Type | Significance
ctn | Input parameter | Logical card terminal number

Table 8: Parameters of CT_close

For return codes, confer Table 9.

7.5 General Return Codes of the CT-API Functions

The return codes of all functions are listed together in the following table:

Return Code | Value | Significance
OK | 0 | Function call-up was successful
ERR_INVALID | -1 | Invalid parameter or value
ERR_CT | -8 | CT error (terminal not operational)
ERR_TRANS | -10 | Irremediable transmission error
ERR_HTSI | -128 | Host transport service interface error

Table 9: Return Codes of the CT-API Functions

7.6 Using the CT-API: The Example of the Public Health Insurance Card

The following example demonstrates the use of the functions CT_init, CT_data as well as CT_close (without discussing the return codes). A C++ example project is found on the enclosed CD, or can be obtained from KOBIL Systems upon request.

    /* Example of Reading a Public Health Insurance Card */
    /* A platform-specific header is included here in the original listing. */
    #include <stdio.h>
    #include "ct_api.h"

    int main(void)
    {
        unsigned char sad, dad;        /* source address, destination address; transmitted as
                                          pointers so that they can be evaluated as responses too */
        unsigned char response[300];   /* buffer for the response of the function */
        unsigned char command[300];    /* commands have a maximum length of 300 characters here */
        unsigned short i;
        unsigned short lenr;           /* CT_data takes an unsigned short pointer */
        unsigned short ct_port = 2;    /* Example: COM 2 */
        unsigned short ctn = 1;        /* first terminal */

        /* Select logical terminal number and port COM2 */
        if (CT_init(ctn, ct_port) != OK) {   /* Return code OK? */
            printf("\nCard reader cannot be reached. Port?");
            return 1;                        /* Quit program */
        }

        /* RESET CT */
        sad = 2;                    /* source = Host (PC) */
        dad = 1;                    /* destination = CardTerminal (card reader) */
        lenr = sizeof(response);    /* Set maximum length of response */
        command[0] = 0x20;          /* CLA */
        command[1] = 0x11;          /* INS */
        command[2] = 0x00;          /* P1 */
        command[3] = 0x00;          /* P2 */
        command[4] = 0x00;          /* LEN */

        /* Call up function CT_data and display return code */
        printf("Reset CT return code: %d\nSW1-SW2:",
               CT_data(ctn, &dad, &sad, 5, command, &lenr, response));

        /* issue response */
        for (i = 0; i < lenr; i++)
            printf(" %02X", response[i]);

        /* The card-reading steps of this example are missing from this copy. */
        CT_close(ctn);              /* release the interface before quitting */
        return 0;
    }

; n/d = no display). For all other values, the character ‘-’ will be displayed. Exceptions are the values 00, 08, 0A, 0C and 20 which generate no output.

code    | 30 31 32 33 34 35 36 37 38 39 3a 3b 3c 3d 3e
display | 0 1 2 3 4 5 6 7 8 9 -
code    | 3f 40 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d
display | A b C d E F G (=6) H I J L n
code    | 4e 4f 50 51 52 53 54 55 56 57 58 59 5a 5b 5c
display | N o P n/d r S (=5) t U y -
code    | 5d 5e 5f 60 61 62 63 64 65 66 67 68 69 6a 6b
display | A b C d E F G (=6) H I J -
code    | 6c 6d 6e 6f 70 71 72 73 74 75 76 77 78 79 7a
display | L n N o P n/d r S (=5) t U y -

Table 54: Limited Set of Characters

10.17 Perform Verification

This command causes the character ‘P’ to be displayed, requesting the PIN input, the acceptance of the PIN input through the smart card terminal keyboard, and the corresponding interaction with the smart card (for a more accurate description of the present smart card terminal, confer Section 5.1). Support for a biometric sensor is not provided at present.

The interaction with the smart card consists, on the one hand, of the sending of commands transmitted in the data field of the ‘Perform Verification’ command. In the process, the PIN or the resetting code is inserted by the smart card terminal at the insert position identified in the DO ‘Command-to-Perform’.
On the other hand, the interaction consists of the acceptance of the smart card response. For more details, confer Chapter 5.1.

Coding:

CLA | '20'
INS | '18'
P1 | '01' = CT/ICC interface 1; '02' = CT/ICC interface 2 (only SecOVID Reader Plus)
P2 | '00' = user authentication via PIN pad
Lc | Length of data field
Data field | TLV with the tags (confer also ISO/IEC 7816-6 on this point):
 | '52' = command-to-perform [4]: control byte (see below) || insert position || raw command
 | '50' = display text for challenge to enter PIN is being ignored.
 | '80' = timeout in seconds (BCD coded) is ignored until the first digit is entered.
Le | Empty

Table 55: Coding the Command PERFORM VERIFICATION

Bits | Control Byte (Tag '52')
b8-b5 | Length of PIN to be entered. '00' for any length (conclude with return key)
b4-b3 | '00' = RFU
b2-b1 | PIN coding: '00' = BCD; '01' = T.50-coded character with b8=0 (i.e. digit 0 = '30', digit 1 = '31' etc., ASCII); '10' = format 2 PIN block (2L PP PP PP PP ... PF FF FF .. FF; L=length, P=BCD PIN digit); '11' = RFU
b8-b1 | 'FF' for biometric authentication (not implemented)

Table 56: Coding the Control Bytes (Tag '52')

[4] For security reasons, the raw command permits only the INS bytes 0x20, 0x24, 0x26, 0x28 and 0x2c!

The insert position is counted upward, starting at 1. The raw command in ‘Command-to-Perform’ may appear, depending on the application, in one of the two following formats:

- Command header (CLA, INS, P1, P2 = 4 bytes), if the PIN is entered into the data field of the ICC command without padding.
- Command header with length field Lc and with data field pre-formatted with padding bytes.

Examples:

1. ‘Verify’-command compliant with ISO/IEC 7816-4 ('00 20 00 00'), 4-digit PIN 4712 (BCD)
   Contents of Tag '52' = '40 06 00 20 00 00'
   At position '05', counted from the beginning of the command, the length byte Lc (here: '02') is entered by the card terminal. Insert position is ‘06’, that is, the sixth byte after the beginning of the ‘Verify’-command.
   After the PIN has been successfully entered, the following command is sent to the card: '00 20 00 00 02 47 12'.

2. ‘Verify’-command compliant with CEN 726-3, 4-digit PIN 4712 (ASCII) with FF padding
   Contents of Tag '52' = '41 06 A0 20 00 01 08 FF FF FF FF FF FF FF FF'
   Insert position is ‘06’, that is, the sixth byte after the beginning of the ‘Verify CHV’-command.
   Once the PIN has been successfully entered, the following command is sent to the card: 'A0 20 00 01 08 34 37 31 32 FF FF FF FF'.

After the input request – consisting of the character ‘P’ and fourteen vertical bars – the PIN to be entered (usually between four and eight digits) is displayed on the screen in such a way that one of the vertical bars will move into the upper half of the display for each digit entered. The PIN length is defined in the control byte. Next, the PIN is entered in the data field of the ICC command, which is found in the data field of the ‘Perform Verification’-command (if the command-to-perform contains nothing but the command header, the Lc field is entered ahead of the PIN). Afterwards the ICC command is transmitted to the smart card. The status bytes returned in the response of the ICC command (if the PIN was entered correctly, SW1-SW2 = ‘9000’) are forwarded to the application system in the form of status bytes of the ‘Perform Verification’-command, and the standard text ‘LINE’ will be issued through the display.

If the PIN transmitted to the smart card was incorrect, the return code from the smart card SW1-SW2 will differ from ‘9000.’ In this case, the standard display text ‘PIN Error’ will be issued, and the return code will be sent back to the application system.
If the user presses the cancel button before the PIN input is concluded, the command will be sent back to the smart card, the standard display text ‘CANCEL’ will be issued through the display, the input buffer will be erased, and the return code SW1-SW2 = '6401' will be returned.

If the input request is not followed by the input of the next digit within 15 seconds (default value), or if more than 5 seconds expire between the input of the next consecutive digits, no command will be sent to the smart card, the standard display text ‘CANCEL’ will be issued through the display, and the return code SW1-SW2 = '6400' will be returned. If the user simply forgot to press the confirmation button – regardless of the PIN length – the process will be aborted after the expiration of another timeout period.

Special Status Displays:

SW1 SW2 | Significance | Possible cause
'9000' | PIN was successfully transferred. |
'6400' | Timeout | No input during the timeout period
'6401' | break | The cancel button was pressed.

Table 57: Special Status Displays for the Perform Verification Command

10.18 Modify Verification Data

This command will prompt the request for the old PIN (or for the resetting code, confer ISO/IEC 7816-8; or for the unblocking key, confer EN 726-3) and the new PIN and the corresponding interaction with the smart card. No biometric support is implemented at present.

The interaction with the smart card consists of the transmission of the commands entered into the data field of the ‘Modify Verification Data’-command, and of the acceptance of the smart card response.
In the process, the old PIN, or the resetting code of the smart card terminal, will be inserted together with the new PIN into the insert position in the DO ‘Command-to-Perform.’

Coding:

CLA | '20'
INS | '19'
P1 | '01' = CT/ICC interface 1; '02' = CT/ICC interface 2 (only SecOVID Reader Plus)
P2 | '00' = User authentication via PIN pad
Lc | Length of data field
Data field | TLV with the tags (on this point, confer also ISO/IEC 7816-6):
 | '52' = command-to-perform [5]: control byte (cf. 10.17) || insert position OLD || insert position NEW || raw command
 | '50' = display text for the request for PIN input (default = “P”) is being ignored
 | '80' = timeout in seconds (BCD-coded) up to the input of the first digit is being ignored
Le | Empty

Table 58: Coding the Command Modify Verification Data

[5] For security reasons, the raw command allows only for the INS bytes 0x20, 0x24, 0x26, 0x28 and 0x2c!

The significance and use of the tags matches the ‘Perform Verification’-command (confer Section 10.17).

Examples:

1. ‘Change Reference Data’ compliant with ISO/IEC 7816-8 with old reference data (4-digit PIN) and new reference data (6-digit PIN), i.e. PINs of variable length, and representation as ASCII characters. The value of the old reference data in the example is 4712, the value of the new reference data is 231546.
   Content of Tag '52' = '01 06 00 00 24 00 00'
   Insert position for the old reference data: '06', that is, the sixth byte after the beginning of the ‘Change Reference Data’-command; insert position for the new reference data: byte '00', i.e. immediately following the old reference data. The length byte Lc is inserted by the smart card terminal at position 05 after the beginning of the command.
   The command sent to the smart card has the following coding: '00 24 00 00 0A 34 37 31 32 32 33 31 35 34 36'
   Note: ISO/IEC 7816-8 assumes that the smart card knows the length of the old reference data, and that it therefore requires neither a fixed field length of 8 bytes, nor any delimiters!

2. ‘Change CHV’-command compliant with CEN 726-3, having a 4-digit PIN (old PIN 4712, new PIN 2315) and BCD-coding with FF padding.
   Contents of Tag '52' = '40 06 0E A0 24 00 01 10 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF'
   Insert position for the old PIN: '06', that is, the sixth byte after the beginning of the ‘Change CHV’-command; insert position for the new PIN: byte '0E', that is, the fourteenth byte after the beginning of the ‘Change CHV’-command.
   The command sent to the smart card has the following coding: 'A0 24 00 01 10 47 12 FF FF FF FF FF FF 23 15 FF FF FF FF FF FF'

The execution of the ‘Modify Verification Data’-command in the smart card terminal begins with the output of the standard display text ‘P.’ The data object ‘52’ (Command-to-Perform) should always be the last tag in the data field. After the old PIN or the resetting code has been entered, the standard display text ‘N’ is issued, bearing a superscript ‘1’ in the upper left-hand corner of the screen. After the new PIN has been entered, the standard display text ‘N’ prompts the retyping of the new PIN by showing a superscript ‘2’ in the upper left-hand corner of the display. Once the PIN input has been repeated, and once it has been verified to match the first input, the two PINs are entered into their respective insert positions in the data field of the ICC command that is supposed to be sent to the smart card. The status bytes SW1-SW2 (usually ‘9000’), returned in the response of the ICC command, are forwarded to the application system as status bytes of the ‘Modify Verification Data’-command, and the standard display text ‘LINE’ is issued through the display.
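The four worked examples of sections 10.17 and 10.18 can be reproduced with the following added C model, which is not part of the manual and not KOBIL firmware: it takes the value of tag '52' plus the keyed-in digits, assembles the command that goes to the card, and refuses any raw command whose INS byte is outside the permitted list. The function names, the -1 refusal value and the F-nibble padding of an odd-length BCD PIN are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added model, not KOBIL firmware: build the ICC command from the value of
 * DO '52' and the digits typed on the PIN pad. All names are hypothetical. */

enum { PIN_BCD = 0, PIN_ASCII = 1 };        /* control byte b2-b1 */

/* INS bytes the manual permits in the raw command. */
static int ins_allowed(uint8_t ins)
{
    return ins == 0x20 || ins == 0x24 || ins == 0x26 || ins == 0x28 || ins == 0x2C;
}

/* Encode decimal digits; returns the number of bytes written or -1. */
static int encode_pin(const char *pin, int coding, uint8_t *out, size_t cap)
{
    size_t n = strlen(pin), i;
    if (n == 0) return -1;
    for (i = 0; i < n; i++)
        if (pin[i] < '0' || pin[i] > '9') return -1;
    if (coding == PIN_ASCII) {
        if (n > cap) return -1;
        memcpy(out, pin, n);
        return (int)n;
    }
    if (coding == PIN_BCD) {
        if ((n + 1) / 2 > cap) return -1;
        for (i = 0; i < n; i += 2) {
            /* Assumption: an odd final digit is padded with nibble F. */
            uint8_t lo = (i + 1 < n) ? (uint8_t)(pin[i + 1] - '0') : 0x0F;
            out[i / 2] = (uint8_t)(((pin[i] - '0') << 4) | lo);
        }
        return (int)((n + 1) / 2);
    }
    return -1;   /* format 2 PIN block and RFU are not modelled */
}

/* new_pin == NULL: Perform Verification (one insert position).
 * new_pin != NULL: Modify Verification Data (insert positions OLD and NEW).
 * Returns the length of the command written to out, or -1 if refused. */
int build_icc_command(const uint8_t *tag52, size_t len, const char *pin,
                      const char *new_pin, uint8_t *out, size_t cap)
{
    const char *pins[2];
    size_t npos = new_pin ? 2 : 1, k, total, rawlen, prev_end = 0;
    const uint8_t *raw;
    int header_only;

    pins[0] = pin; pins[1] = new_pin;
    if (!pin || len < 1 + npos + 4) return -1;   /* control, positions, header */
    if (tag52[0] & 0x0C) return -1;              /* b4-b3 RFU; also rejects 'FF' */
    raw = tag52 + 1 + npos;
    rawlen = len - 1 - npos;
    if (!ins_allowed(raw[1])) return -1;         /* PIN only goes into listed INS */
    header_only = (rawlen == 4);
    if (!header_only && rawlen != 5u + raw[4]) return -1;   /* Lc must match */
    if (rawlen + (header_only ? 1u : 0u) > cap) return -1;
    memcpy(out, raw, rawlen);
    total = rawlen;
    if (header_only) out[total++] = 0;           /* Lc, filled in at the end */

    for (k = 0; k < npos; k++) {
        uint8_t enc[16];
        size_t want = tag52[0] >> 4, pos = tag52[1 + k], off;
        int n;
        if (want && strlen(pins[k]) != want) return -1;
        n = encode_pin(pins[k], tag52[0] & 0x03, enc, sizeof enc);
        if (n < 0) return -1;
        if (pos == 0) pos = prev_end;            /* '00' = right after the old PIN */
        if (pos < 6) return -1;                  /* data field starts at byte 6 */
        off = pos - 1;                           /* positions count from 1 */
        if (header_only) {
            if (off != total || off + (size_t)n > cap) return -1;
            total += (size_t)n;                  /* append, no padding */
        } else if (off + (size_t)n > total) {
            return -1;                           /* would run past the padded field */
        }
        memcpy(out + off, enc, (size_t)n);
        prev_end = pos + (size_t)n;
    }
    if (header_only) out[4] = (uint8_t)(total - 5);
    return (int)total;
}

int main(void)
{
    /* Value of tag '52' from the first Perform Verification example. */
    static const uint8_t verify[] = { 0x40, 0x06, 0x00, 0x20, 0x00, 0x00 };
    uint8_t apdu[32];
    int i, n = build_icc_command(verify, sizeof verify, "4712", NULL, apdu, sizeof apdu);
    for (i = 0; i < n; i++) printf("%02X ", apdu[i]);
    printf("(%d bytes)\n", n);
    return n == 7 ? 0 : 1;
}
```
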
If the smart card returns a return code SW1-SW2 other than '9000,' the standard display text 'PIN Error' will be issued. For instance, if the input during the retyping of the new PIN fails to match the previous input, SW1-SW2 = '6402' will be sent back to the application system as status bytes. If the timeout period is exceeded during the user input, or if the process is cancelled by the user, the same rules as for the ‘Perform Verification’-command apply.

Special Status Displays:

SW1-SW2 | Significance | Possible Cause
'9000' | PIN change successfully performed |
'6400' | Timeout | No input within the timeout period
'6401' | Break | The cancel button was pressed.
'6402' | PIN mismatch | The new PIN was incorrectly retyped the second time.

Table 59: Special Status Displays for the Modify Verification Data Command

10.19 Reset 1

Reset 1 executes a reset for asynchronous smart cards, and provides the ATR. If the interface to the smart card has already been activated, it will not be completely deactivated before the reset, and the power supply VCC remains consistent.

Note: The Reset 1 command was implemented in order to support the non-ISO-compliant protocol switch of some smart cards.

Coding:

CLA | '20'
INS | '1F'
P1 | Device: 01 = ICC1, 02 = ICC2
P2 | 00 = no responses; 01 = entire ATR; 02 = only historical characters as response
Lc | Empty
Data field | Empty
Le | '00'

Table 60: Coding the Reset 1 Command

Special Status Displays:

SW1 SW2 | Significance | Possible Causes
'90 01' | Received ATR from asynchronous ICC |
'64 A1' | No ICC | No smart card in the contact unit.
'64 A2' | ICC not activated | ICC was removed from the contact unit after activation, and then reinserted.
'64 A3' | Protocol not supported | The ATR of an asynchronous ICC was received. The protocols displayed in the ATR are not supported.
'64 A7' | No ATR compliant with ISO 7816-3, no protocol selected | No ATR from an asynchronous ICC was received.
'64 A8' | Protocol error | The ATR of an asynchronous ICC was received. The check sum contained errors.

Table 61: Special Status Displays for the Reset 1 Command

10.20 Set Interface Parameter

The ‘Set Interface Parameter’-command effects the reset of the protocol, of the protocol parameters, or of the other adjustable properties at the identified interface. When resetting the HOST / CT interface, the setting of the new parameters is effected after the transmission of the response from the ‘Set Interface Parameters’-command. A resetting of the protocol or of the protocol parameters at the ICC interface is possible only under the protocol status PTS or READY – directly after the reset and prior to the beginning of the data transmission. However, the transparent mode allows for the resetting of parameters at any time.

Coding:

CLA | '80'
INS | '60'
P1 | Device: 00 = CT/HOST, 01 = ICC1, 02 = ICC2
P2 | '00'
Lc | Variable
Data field | TLV; Tags '10','11','12','13' for device = 00; Tags '21','22','23','24','25' for device = 01 or 02; Tags '40','41','42','43','44' additional in transparent mode
Le | Empty

Table 62: Coding the Set Interface Parameter Command

Special Status Displays:

SW1 SW2 | Significance | Possible Causes
'69 85' | Command not possible in the present status | Protocol settings at the ICC interface are possible only directly after the reset and before the data transmission is begun.
'6A 80' | Invalid parameters in the data field | Options not supported, or combination of options not supported, are displayed in the data field. The parameters displayed in the data field are incompatible.
'6A 85' | Inconsistent data in the data field | The data transmitted to the data field cannot be interpreted as TLV field.

Table 63: Special Status Displays for the Set Interface Parameter Command

10.21 Freeze

Freeze commands will convert the card reader into the freeze status.
In the freeze status, the card reader retains its current status, and waits for the event identified by the freeze command to occur. The freeze status begins with the transmission of the response to the freeze command. The freeze status is simulated in the CT-API DLL. The freeze status is terminated as soon as one of the events identified by the freeze command has occurred, or if a syntactically correct block of layer 2 (new command) has been received.

Coding:

CLA | '80'
INS | '70'
P1 | '00'
P2 | '00'
Lc | Variable
Data field | TLV; Tags '30' freeze events
Le | Empty

Table 64: Coding the Freeze Command

Special Status Displays:

SW1 SW2 | Significance | Possible Causes
'6A 80' | Invalid parameters in the data field | An event not supported is displayed in the data field.
'6A 85' | Inconsistent data in the data field | The data transmitted to the data field cannot be interpreted as TLV structure.

Table 65: Special Status Displays for the Freeze Command

10.22 Wait Freeze

'Wait Freeze' is sent after the successful issuance of a ‘freeze’ and will not return until after the event identified has occurred, or if an error has manifested itself. Unlike with other commands, CT_data(...'Wait Freeze'...) will block the calling thread of the program. If the respective application has only one thread, the entire process will be blocked. Since this is hardly ever intended, CT_data(...'Wait Freeze'...) should be executed in a separate thread. If CT_close() is called up during a multiple thread process, while CT_data(...'Wait Freeze'...) is being processed, CT_data() will be terminated with the return code ERR_HTSI.

Coding:

CLA | '80'
INS | '71'
P1 | Timeout in minutes
P2 | Timeout in seconds
Lc | Empty
Data field | Empty
Le | Empty

Table 66: Coding the 'Wait Freeze' Command

If the value '00' is entered in P1 and P2, no timeout will be performed. ‘Wait Freeze’ will not return until the freeze event has occurred or in case of an error.
Special Status Displays:

SW1-SW2 | Significance | Possible causes
'62F0' | Timeout | ‘Wait Freeze’ was terminated by a timeout, the freeze event was not received.
'64F0' | Freeze already set during call-up | The CT does not have freeze status.

Table 67: Special Status Displays for the 'Freeze' Command

During the reception of SW1-SW2 = '90 00' the change of the DSR_Line from LO to HI was received. In this case the application should read out the freeze status file or the ICC status file. The signal line may have been set by the activity of another application. In this case, the event did not occur even though DSR was set. After the ICC status file of the B1-CT has been read out, the application may have to transmit ‘Freeze’ or ‘Wait Freeze’ once more.

10.23 ICC Application Commands

ICC application commands are characterized by the fact that the destination address (DAD) is set to the value 00 (ICC1) or to the value 02 (ICC2). The card reader attempts principally to forward the data addressed to an ICC, or received from there, to the respective destination address in transparent form. That is, each command to an ICC that is received by the HOST interface generally causes a response by an ICC to be transmitted to the HOST interface. There are two instances that take exception to this principle.

• The card terminal allows for access to synchronous smart cards by presenting them as file to the application layer. You may access such files with ICC commands specified for file operations.
• If an error occurs during the transmission of a command to an ICC, the card terminal will generate an error code. In order to enable the application to recognize that the response was generated by the card terminal, the source address (SAD) is set to the value of 01 (CT) in the response.

The error messages generated by the card terminal are represented in the following table.
SW1 SW2 | Significance | Possible Causes
'62 A5' | No protocol selected | No ATR from a synchronous card was received. The type of protocol is unknown.
'62 A6' | No ATR compliant with ISO 7816-3 | The ATR was received with the I2C protocol, not in compliance with ISO 7816-3.
'62 A7' | No ATR compliant with ISO 7816-3, no protocol selected | No ATR in compliance with ISO 7816-3 was received, nor could the ATR be read with the I2C protocol.
'64 A0' | unspecified ICC error |
'64 A1' | No ICC | No smart card in the contact unit.
'64 A2' | ICC not activated | ICC was removed from the contact unit after activation, and then reinserted.
'64 A3' | Protocol not supported | The ATR of an asynchronous ICC was received. The protocols displayed in the ATR are not supported.
'64 A5' | No protocol selected | No ICC protocol was selected.
'64 A8' | Protocol error | A protocol error occurred during the communication with the ICC. The error can possibly be remedied by re-synchronizing the layer 2 protocol. This will automatically be attempted during the next data transmission.
'64 A9' | Irremediable ICC protocol error | An irremediable protocol error occurred during the communication with the ICC.
'64 AA' | PTS protocol error | An error occurred during the PTS with the ICC.
'64 AB' | WTX error | Communication with the ICC was interrupted because an extension of the waiting period requested by the HOST was denied.
'65 AB' | WTX error, memory contents changed | The communication with the ICC was interrupted because an extension of the waiting period requested by the HOST was denied. The contents of the non-volatile memory may already be changed.
'69 85' | Security violation | Command was rejected due to security reasons.
'6F 82' | Invalid source address | The source address (SAD) is not 02 (HOST) or 05 (REMOTE HOST).

Table 68: Error Messages of the Smart Card Terminal when Accessing an ICC

10.24 Selecting Synchronous ICCs - (only KAAN Standard Plus)

If the card reader recognizes a synchronous ICC during reset, or if the user resets the protocol to process synchronous ICCs, using the command ‘Set Interface Parameter,’ a server module for synchronous ICCs is activated. This module presents synchronous ICCs as file, which allows for the addressing of additional properties of the ICC by way of selecting different files.

10.25 Commands for Selecting Synchronous ICCs - (only KAAN Standard Plus)

The following table provides an overview of the commands of the server module. For the coding, the descriptions of the CT application commands apply.

Command | CLA | INS | P1 P2 | Lc | Parameters | Le
Erase Binary | '00' | '0E' | offset | var. | var. | -
Verify | '00' | '20' | '00' '00' | var. | PIN | -
Select File | '00' | 'A4' | '00' '00' | 2 | File ID | -
Read Binary | '00' | 'B0' | offset | - | - | var.
Write Binary | '00' | 'D0' | offset | var. | data | -

Table 69: Overview of the Commands for Synchronous ICCs

10.26 File Types - (only KAAN Standard Plus)

In order to be able to address additional properties of synchronous ICCs, various file types have been implemented. These are selected with the ‘Select File’-command. At present, the following file types are supported:

File Type | File ID | Significance
Data File | '3F01' | The data of the synchronous ICC are treated as a sequence of bytes; the file is implicitly selected during the activation of the server module.
Attribute File | '3F81' | The data of the synchronous ICC are treated as a sequence of bytes. Each data byte is followed by an attribute byte. Bit 1 (the bit of the lowest value) of the attribute byte indicates whether the byte is read-only protected. The significance of the remaining bytes of the attribute bytes remains undefined at present.
Password File | '3F82' | The password of the ICC is treated as a sequence of bytes. A password file does not exist for all synchronous ICCs.

Table 70: File Types for Operations Involving Synchronous ICC

10.27 Handling the Public Health Insurance Card (only KAAN Standard Plus)

If the CT configuration file indicates that a read-only module exists, the CT-API DLL verifies in the case of synchronous cards whether the inserted card matches the specification of the public German health insurance card. In this case, any writing access to the card is prevented.