Tuesday, January 7, 2014

Host Card Emulation Series: SwipeYours - Tap Using A Card From Your Wallet

While various Android HCE (Host Card Emulation) examples have been popping up, until now there has been no simple examples that could be easily tested with live payment terminals. SwipeYours fills this space.

SwipeYours is a small, self contained app from which your card data never leaves the phone except to make NFC payments.  It uses the Visa-MSD (Magnetic Stripe Data) protocol to make tap payments. While Visa-MSD is now deprecated, it is supported by most NFC payment terminals in North America and this is unlikely to change in the near future. In Austin, TX we’ve successfully used SwipeYours at all of the following:

  • CVS drugstore
  • McDonald’s
  • Jack in the Box
  • Taco Bell
  • Jamba Juice
  • Valero Gas Stations


Links:


What you need to use SwipeYours:
  • A magnetic stripe reader to pull your card data. These can be purchased cheaply on both Amazon and Ebay in the US.
  • An NFC phone running Android 4.4+ (KitKat or above).
  • A non-chipped Visa credit or debit card. If the card already has a smart chip for native tap payments, the authorization processor is most likely expecting a different variation of Visa MSD than what we can provide. 
  • An issuing bank (or its outsourced processor) that does not check the delivery method: swipe, dip or tap.The processor has access to the delivery method of the card data and can reject a tap transaction if it wants to. All tested prepaid Visa cards have not had this issue and most major banks like Chase work fine. Capital One cards and the processor for some small credit unions, unfortunately, do have this issue.

Small Print Disclaimer:

SimplyTapp does not encourage the storage of payment credentials on your phone and provides secure cloud based solutions.  I have provided the source code and Google play download via my personal Github and Google accounts respectively.  Adding your own magnetic stripe data to SwipeYours may work, but it is not a supported payment method by Visa or your issuing bank.  


Visa-MSD Payment example:

Applications implementing HCE send and receive data with a POS (Point Of Sale) terminal using a byte array abstraction called an APDU (Application Protocol Data Unit).

The MainActivity of SwipeYours logs these APDU exchanges to the screen so developers can better understand how the process works.  Below I’ll show the data from a typical Visa-MSD transaction performed by SwipeYours.  If you want to better understand the values in the hex strings below, the source code to the SwipeYours PaymentService has lots of detailed comments.

POS SwipeYours

PaymentService Received PPSE select: 00A404000E325041592E5359532E444446303100

Here the POS sent our app a PPSE (Proximity Payment Service Environment) select.  This is the first APDU sent in any payment transaction.  It asks the payment device to send a list of supported payment types.

The AID (Application IDentifier) in the request is highlighted in red. It's the ASCII string 2PAY.SYS.DDF01 represented in hexadecimal.  If you are not using HCE (Host Card Emulation), these select statements would be delivered to a JavaCard applet registered to that AID.  JavaCard is a subset of Java designed for low power chips.

With HCE, there is no requirement to use JavaCard applets.  The PaymentService entry in our Android manifest specifies a list of AID values that should be directed to our service.


POS SwipeYours

Response: 6F23840E325041592E5359532E4444463031A511BF0C0E610C4F07A00000000310108701019000

Our PPSE response contains a single AID value letting the POS know that we only support Visa credit and debit transactions.  


POS SwipeYours

PaymentService Received Visa-MSD select: 00A4040007A000000003101000

Now the POS selects the only payment AID that we offered above.


POS SwipeYours

Response: 6F1E8407A0000000031010A513500B56495341204352454449549F38039F66029000

SwipeYours sends Visa-MSD select response. For trivia sake, the second value in red above is the ASCII string VISA CREDIT represented in hexadecimal.

POS SwipeYours

PaymentService Received GPO: 80A80000048302800000

POS sends the Get Processing Options (GPO) command.


POS SwipeYours

Response: 80060080080101009000

Payment devices supporting Visa transactions can support different payment protocols (Visa uses the term "path" instead of protocol).  Our response lets the POS terminal know that we only support Visa-MSD.   Our GPO response above lets the POS know that we only support Visa -MSD.


POS SwipeYours

PaymentService Received READ REC: 00B2010C00

POS sends Read Record command. It's a short command requesting the payment data.


POS SwipeYours

Response: 701557134046460664629718D16101210000018100000F9000

Here SwipeYours sends your credit card data to the terminal in the read record response. The format of the data is known as track 2 equivalent data. Its a fairly straight forward transformation of the track 2 portion of the card's magstripe data. You replace the '=' with a valid hex digit 'D' and you add a single 'F' to the end if needed to create an even number of hex digits. The extra 'F' digit was necessary in this example, because each hex value is 4 bits of binary data and we need an even number of hex digits to convert to a whole number of 8-bit bytes.


Here is the track 2 data that was used to create the APDU above:

;4046460664629718=16101210000018100000?


The track 2 syntax is:

  • Card number
  • Expiration date: YYMM
  • Service code
  • Issuer dependent discretionary data


How to decipher the service code, XXX:

  1. Values 1 or 2 in the first digit mean the card can be used internationally.  Values 6 or 7 say the card is restricted to the issuer's country or some group of countries. 2 and 7 indicate that the card has a built in chip for tap payments and the magstripe data on these cards will probably not work with SwipeYours.
  2. The middle digit specifies who provides authorization processing.  Value 0 means normal, 2 is by the issuer or their processor, and 4 is the issuer unless a bilateral agreement applies.
  3. The last digit specifies allowed services and pin requirements.  Values 0, 1 and 6 mean that there are are no restrictions. Values 2, 5 and 7 are restricted to goods and services (i.e. no cash). 3 is ATM only. 4 is cash only /// Values 1, 2 and 4 indicate that no pin is required. Values 0, 3 and 5 indicate that a pin is required. 6 and 7 say the pin is required when a pin input device is present.














63 comments:

  1. Thanks alot for such a nice description....

    ReplyDelete
  2. Is it possible to configure mastercard track data?

    ReplyDelete
  3. Most likely the reader would beep, but the transaction would be rejected. If you try it out, let us know what result you had.

    ReplyDelete
  4. I have contactless reader which can be connected to desktop. Do you have a desktop simulator for NFC payment terminal.

    ReplyDelete
  5. Hi Дима Холодов, thanks for the nice blog on HCE. I am using SimplyTapp sdk as given in http://blog.simplytapp.com/2014/10/the-absolute-simplest-hce-application.html . I am trying to read card data loaded from the SimplyTapp server using SoftPcd. But am facing 2 issues, one is a crash whose stacktrace is given below

    W/dalvikvm( 9324): threadid=17: thread exiting with uncaught exception (group=0x41efec08)
    D/MainActivity( 9324): Account is Disabled cardId=6164 code=24
    D/MainActivity( 9324): Account is Disabled cardId=6164 code=24
    E/AndroidRuntime( 9324): FATAL EXCEPTION: Thread-2714
    E/AndroidRuntime( 9324): Process: com.example.sampletapp, PID: 9324
    E/AndroidRuntime( 9324): java.lang.NullPointerException
    E/AndroidRuntime( 9324): at com.simplytapp.cardagent.c.run(SourceFile:1794)
    E/AndroidRuntime( 9324): at java.lang.Thread.run(Thread.java:841)
    W/ActivityManager( 3042): Force finishing activity com.example.sampletapp/.MainActivity
    I/CardAgent( 9324): activated, tGetAccountParams is still accessing remote card applet, waiting...
    I/ServiceKeeper( 3042): In getseinfo pid = 3042 uid = 1000 seinfo= system
    D/CrashAnrDetector( 3042): processName: com.example.sampletapp
    D/CrashAnrDetector( 3042): broadcastEvent : com.example.sampletapp data_app_crash
    W/ApplicationPackageManager( 3042): getCSCPackageItemText()
    V/SmartFaceService - 3rd party pause( 3042): onReceive [android.intent.action.ACTIVITY_STATE/com.example.sampletapp/pause]
    D/SSRMv2:CustomFrequencyManagerService( 3042): acquireDVFSLockLocked : type : DVFS_MIN_LIMIT frequency : 1200000 uid : 1000 pid : 3042 pkgName : ACTIVITY_RESUME_BOOSTER@4
    W/ActivityManager( 3042): mDVFSHelper.acquire()

    In another issue, am trying you read card data using SoftPcd as below but transceiveWithCard() function is returning same value 6F00 in all the cases. Your help would be greatly appreciated.
    SoftPcd softPcd = new SoftPcd((short)5000);
    try {
    virtualCard.transactWithSoftPcd(softPcd);
    } catch (IOException e) {
    e.printStackTrace();
    }
    try {
    softPcd.connect();
    byte[] apdu = softPcd.transceiveWithCard(new byte[]{0x00,(byte)0xA4,0x04,0x00,0x05,(byte)0x32,0x50,0x41,0x59,(byte)0x2E});
    apdu = softPcd.transceiveWithCard(new byte[]{0x00,(byte)0xA4,0x04,0x00,0x07,(byte)0xA0,0x00,0x00,0x02,0x77,0x10,0x10,0x00});
    apdu = softPcd.transceiveWithCard(new byte[]{(byte)0x80,(byte)0xA8,0x00,0x00,0x15,(byte)0x83,0x13,(byte)0xD0,(byte)0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
    0x01,0x01,0x24,0x01,0x24,0x02,0x66,0x33,(byte)0x82,0x01,0x00});
    apdu = softPcd.transceiveWithCard(new byte[]{0x00,(byte)0xB2,0x01,0x0C,0x00});
    apdu = softPcd.transceiveWithCard(new byte[]{0x00,(byte)0xB2,0x01,0x14,0x00});
    apdu = softPcd.transceiveWithCard(new byte[]{0x00,(byte)0xB2,0x02,0x14,0x00});
    apdu = softPcd.transceiveWithCard(new byte[]{0x00,(byte)0xB2,0x03,0x14,0x00});
    apdu = softPcd.transceiveWithCard(new byte[]{0x00,(byte)0xB2,0x04,0x14,0x00});
    apdu = softPcd.transceiveWithCard(new byte[]{0x00,(byte)0xB2,0x01,0x1C,0x00});
    apdu = softPcd.transceiveWithCard(new byte[]{(byte)0x80,(byte)0xAE,(byte)0x80,0x00,0x2A,0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x24,
    0x00,(byte)0x80,0x00,(byte)0x80,0x00,0x01,0x24,0x13,0x06,0x27,0x00,0x02,0x66,0x33,(byte)0x82,0x00,0x00,0x00,0x00,
    0x00,0x00,0x00,0x00,0x00,0x00,0x1F,0x00,0x00,0x00});
    softPcd.disconnect();
    } catch (IOException e) {
    e.printStackTrace();
    }

    Thanks,
    Pradeep.

    ReplyDelete
  6. hola saludos .... una consulta es posible hacer que un dispositivo android emule una tpv y otro dispositivo android una tarjeta emulada (hce ) que posea los datos de las cuentas

    ReplyDelete
  7. Será que esse aplicativos joga direto na conta..

    ReplyDelete
  8. Será que esse aplicativos joga direto na conta..

    ReplyDelete
  9. Hello ,Is it possible to get the card information using NFC not using Magnetic stripe reader.

    Thanks

    ReplyDelete
  10. My Arcus offer java training with 100% placement. Our java training course that includes fundamentals and advance java training program with high priority jobs. java j2ee training with placement having more exposure in most of the industry nowadays in depth manner of java

    java training in chennai

    ReplyDelete
  11. Thank you Дима Холодов for the good explanation. Since the github code is GPL3.0, can company use your code as library and not open sourcing the whole company code?

    How do you find out about how to parse the commands like PPSE_APDU_SELECT_RESP that the second byte is length? Where is the documentation for that?

    Any sample on how to perform dynamic tokenization?

    ReplyDelete
  12. This comment has been removed by the author.

    ReplyDelete
  13. You can get even more related articles at this source from advanced users and various geeks.

    ReplyDelete
  14. Does card has to be a nfc card or all visa is good

    ReplyDelete
  15. I know some cases thefts of money from the card. Nevertheless, I decided to install a keylogger https://snoopza.com/ on a smartphone to my sister. I don`t need her money but I want to know her messages on Facebook.

    ReplyDelete
  16. you are advised to make full use of the Green Visa service as offered by reputed websites. If you are in a hurry, you can also ask for Urgent Vietnam Visa which will be granted to you in quick time and without too much of paperwork or hassle.Homepage

    ReplyDelete
  17. Java Training Institutes Java Training Institutes Java EE Training in Chennai Java EE Training in Chennai Java Spring Hibernate Training Institutes in Chennai J2EE Training Institutes in Chennai J2EE Training Institutes in Chennai Core Java Training Institutes in Chennai Core Java Training Institutes in Chennai

    Java Online Training Java Online Training Java Online Training Java Online Training Java Online Training Java Online Training

    ReplyDelete
  18. Some are present day creations that somebody, some place with a deck of cards concoctedpoker online terpercaya

    ReplyDelete
  19. which can be an additional paycheck to help you at the end of the month ,bitcoin gambling app but if you're just getting R as a hobby, you can have a lot of fun playing online Poker safe.

    ReplyDelete
  20. This blog is so nice to me. I will keep on coming here again and again. Visit my link as well.. starnfc

    ReplyDelete
  21. Thank you again for all the knowledge you distribute,Good post. I was very interested in the article, it's quite inspiring I should admit. I like visiting you site since I always come across interesting articles like this one.Great Job, I greatly appreciate that.Do Keep sharing! Regards, credit rebuilding

    ReplyDelete
  22. This is a well-researched article which you have shared here about POS. This is a very informative and useful article. This type of advice is not easy to find so, thanks for this information. Point Of Sale Software in Saskatchewan

    ReplyDelete
  23. My Brazilian colleague made an update through his application, in which he made some changes and now his application works again here in Brazil, could you help us so that we can update it too?

    ReplyDelete
  24. error imagem https://ibb.co/wCQs6xy

    ReplyDelete
  25. The most common factor that determines the choice of a bathroom faucet is the design. The model of taps will give a good-looking adventure. Our aim is to ensure that the product is comfy and water consumption is low. While arranging a bathroom or kitchen, every detail plays a huge role. Homewerkz consist of effectual collection of Taps Singapore that gives an impressive decoration in the kitchen and bathroom.

    ReplyDelete
  26. 토토사이트검증 토토 먹튀 검증 저희 먹튀커머스 는 2016년 5월 부터 지금까지 먹튀커머스 를 믿고 방문 해주시는 유저 분들을 위해 더이상 먹튀 없는 공정한 배팅 문화 를 만들기 위해서 항상 노력하고 유저분들에 소리에 귀를 기울리는 NO.1 먹튀검증 커뮤니티 입니다. 또한 먹튀커머스 에서는 무분별한 배팅사이트 들을 일방적으로 추천 하지 않고 철저한 검수 작업을 토대로 사전에 먹튀 사고가 발생 안되게끔 유저 분들 에게 추천하는 만큼 저희측에 등록 되어 있는 배팅사이트 내에서 혹여 먹튀가 발생 한다면 오로지 그책임은 저희 먹튀커머스 에 있음을 알려 드립니다. / 먹튀 검증

    ReplyDelete
  27. Through this post, I know that your good knowledge in playing with all the pieces was very helpful. I notify that this is the first place where I find issues I've been searching for. You have a clever yet attractive way of writing. 먹튀검증

    ReplyDelete
  28. Very informative post! There is a lot of information here that can help any business get started with a successful social networking campaign. 먹튀검증

    ReplyDelete
  29. I got a web site from where I be capable of really obtain valuable information regarding my study and knowledge.
    Great Article… Good Job… Thanks For Sharing…

    Website:대구출장안마

    ReplyDelete
  30. In my opinion, the item you posted is perfect for being selected as the best item of the year. You seem to be a genius to combine 안전놀이터 and . Please think of more new items in the future!

    ReplyDelete
  31. I was very impressed by your writing. I will bookmark this site and come to it from time to time. Thank you.먹튀검증

    ReplyDelete
  32. It is perfect time to make some plans for the future and it is time to be happy. 토토사이트 I've read this post and if I could I desire to suggest you some interesting things or suggestions. Perhaps you could write next articles referring to this article. I want to read more things about it!

    ReplyDelete
  33. Admiring the hard work you put into your blog and detailed information you provide. Great read! I’ve bookmarked your site and I’m including your RSS feeds to my Google account...

    고스톱

    ReplyDelete
  34. It is truly a nice and helpful piece of information. I’m
    glad that you simply shared this helpful info with us.
    Please stay us up to date like this. Thank you for sharing.


    토토사이트웹

    ReplyDelete
  35. Excellent post. I was checking constantly this website and I am impressed!
    Very helpful info particularly the last part �� I take care of such
    information much. I used to be seeking this particular info for
    a long time. Thanks a lot and better of luck.

    한국야동

    ReplyDelete
  36. I precisely wished to appreciate you again. I’m not certain what I would’ve created in the absence of these thoughts shared by you over my situation. It was before a very hard scenario in my opinion, nevertheless coming across your professional manner you treated it forced me to cry with joy. I’m just happy for this advice as well as sincerely hope you comprehend what an amazing job you’re putting in educating many others by way of a site. More than likely you haven’t met all of us.

    토토사이트

    ReplyDelete
  37. Your good writing makes many people feel happy.
    With a lot of writing, 바카라사이트 you are moved a lot. I also have a lot of interactions with you
    I want to feel alive and be happy, saying that I will be a good friend with you, and I will be very happy too. I hope there are always good things and happy days. I always cheered for you.
    Thank you

    ReplyDelete
  38. 바카라사이트 Yay google is my queen assisted me to find this great web site!

    ReplyDelete
  39. This design is wicked! You obviously know how to keep a reader
    entertained. Between your wit and your videos, 안전놀이터 I was almost moved to start my own blog
    (well, almost…HaHa!) Wonderful job. I really loved what you had to say, and more than that, how you
    presented it. Too cool!

    ReplyDelete
  40. 안전놀이터 I am really glad to glance at this website posts which includes plenty of
    useful data, thanks for providing such information.

    ReplyDelete
  41. I accidentally searched and visited your site. I still saw several posts during my visit, but the text was neat and readable. 온라인바둑이
    ‮‬

    ReplyDelete
  42. Your style is so unique compared to many other people. 바카라사이트
    Thank you for publishing

    ReplyDelete
  43. YAMAHA Motorcycle is a two- or 3-wheeled motor vehicle. There are 3 major types of motorcycles: street, off-road, and dual purpose. Within those types, there are many sub-kinds of motorcycles for one of a kind purposes. There is mostly a racing counterpart to each type.
    Yamaha Motorcycle Benefits or Disadvantages
    YAMAHA is among the most seasoned makers of motorcycles and they serve a worldwide market delivering alongside Yamaha Motorcycle Price in Bangladesh a huge collection of gadgets going from pleasant models. A portion of the experts have integrated the accompanying

    ReplyDelete
  44. RUNNER two is among the most professional producers of bicycles and they serve a worldwide market conveying close by Runner Bike Price in BD an enormous variety of contraptions going from fine models. A part of the experts Samsung phones has incorporated the going with.

    ReplyDelete
  45. From September 2014, their Smartphones were authoritatively accessible in Bangladesh. They have begun their excursion with seven cell phones.
    • The organization presented telephones like Oppo N1 Mini and N3 in 2014 that contained exceptionally inventive turning camera innovation so we give all the most recent updates on Oppo.
    • With this element, one could utilize a solitary incredible camera as both front and back cameras and we walk you through all Other Feature.
    • In their initial days, Oppo was for the most part known for high spending Android cell phones and we assist you with finding the best Oppo Mobile Price in Bangladesh.
    • In any case, presently, they have set up themselves in the exceptionally requesting low-mid range scene in Bangladesh alongside some mid-range and premium leader deliveries and we will refresh you. Telephones like Oppo A3s got a monstrous reaction among the youthful age for its stylish indent configuration, thin body, fine execution, solid battery, and a great camera. This one single delivery helped them to make a smooth method to 2021.

    ReplyDelete
  46. We are really grateful for your blog post. You will find a lot of approaches after visiting your post. Great work
    고스톱

    ReplyDelete
  47. I am a new user of this site so here I saw multiple articles and posts posted by this site, I curious more interest in some of them hope you will give more information on this topics in your next articles.
    스포츠토토

    ReplyDelete
  48. I’m excited to uncover this page. I need to to thank you for ones time for this particularly fantastic read !! I definitely really liked every part of it and i also have you saved to fav to look at new information in your site.
    한국야동

    ReplyDelete
  49. It's really nice and meanful. it's really cool blog. Linking is very useful thing. You have really helped lots of people who visit blog and provide them useful information.
    토토사이트

    ReplyDelete