Technical Blog

Welcome to the ID TECH Products technical blog

Home  > Technical Blog

Posted: 30 Jan 2019

In Part I of this series, we talked about how chip-card transactions differ from magstripe. We saw that there’s a considerable amount of back-and-forth communication between the reader and the card. But (good news!) we also saw that a lot of that communication is handled automatically — which is to say, out of the control of the payment-app developer — by the reader’s EMV kernel. In Part II, we talked a bit about the various tags (or TLV data) that you can expect to get back during an EMV transaction, and what some of them mean. We also mentioned that an EMV transaction occurs in phases (with names like Start, Authenticate, and Complete). And we saw that different TLVs come back during the different phases. We’ve also mentioned (many times, in...

Posted: 17 Dec 2018

In Part I of this post, we talked a bit about EMV transactions and how they’re structured. We saw that: Unlike MSR (magstripe) transactions, an EMV transaction occurs in multiple stages. Most of the back-and-forth talk between the chip card and the reader happens at the kernel level, outside the control of application logic. Transaction results are returned in TLVs (“tags”). A cryptogram (a unique 8-byte piece of data produced by the card, using a private key known only to the card) is produced before the Completion stage of the transaction; and a second cryptogram is produced after the call to complete the transaction. The cryptogram comes back from the card in tag 9F26 (an EMVCo-defined tag, not a proprietary ID TECH tag). Generally, you’ll package up the first cryptogram (and...

Posted: 04 Sep 2018

ID TECH makes and markets a wide variety of payment devices, almost all of which, nowadays, are compatible with “chip cards” (or “smart cards”). Payments made with a chip card are generically referred to as “contact EMV,” or sometimes just “EMV.” (EMV, of course, stands for Europay, MasterCard, and Visa; the card-brand consortium.) In industry terms, an EMV transaction is one that conforms to the requirements of the four-volume EMV Integrated Circuit Card Specifications for Payment Systems (available from Wrapping your head around this spec takes time. At four volumes, it’s a pretty extensive specification. ID TECH tries to make “EMV compatibility” an easy-to-reach goal for developers, however, by offering a variety of free tools, SDKs, demos, and other resources designed to accelerate time-to-market for POS integrators and others who need...

Posted: 27 Jul 2018

Self-service or “unattended” credit card transactions are increasingly popular, not just at ATMs and gas pumps, but in a bewildering variety of other settings: pay-at-the-table terminals in restaurants,  tap-and-go public transit, airport kiosks, parking meters, vending machines, rental stations of all kinds, etc. Driven (in part) by technologies like Apple Pay and Google Pay, “self-service” has become one of the fastest growing segments of the payment industry as a whole. But note well, to succeed in unattended payments means more than just transplanting countertop credit-card acceptance technology to a kiosk enclosure. Think about it — unattended payment devices typically operate: Outdoors (no A/C, maybe no heat), possibly exposed to rain In locations with poor law enforcement coverage (thus, a built-in potential for vandalism) Where electrical power is at a premium; and/or...

Posted: 27 Jun 2018

In previous posts, I’ve mentioned ID TECH’s patent-pending Augusta chip-card reader, which can run an EMV transaction in as little as 2 seconds using built-in “faster EMV” support (often called Quick Chip). What makes Augusta unique (and patent-pending) isn’t just the ability to do Quick Chip transactions. The patent-pending part has to do with the fact that these transactions can be done with a USB device operating in keyboard mode. That means: You simply dip your card, and character data (representing the TLVs needed for an EMV transaction) come streaming out of the device automatically, suitable for direct consumption by, say, a browser-based virtual terminal app. No special drivers needed. To integrate Augusta into a payment app, you don’t need any special software to “interrogate” the card reader. The reader simply...