PSP Manual

M/Chip CardPersonalization

Standard Profiles1 April 2011

Notices

Proprietary Rights The information contained in this document is proprietary and confidentialto MasterCard International Incorporated, one or more of its affiliated entities(collectively “MasterCard”), or both.

This material may not be duplicated, published, or disclosed, in whole or inpart, without the prior written permission of MasterCard.

Trademarks Trademark notices and symbols used in this document reflect the registrationstatus of MasterCard trademarks in the United States. Please consult withthe Customer Operations Services team or the MasterCard Law Departmentfor the registration status of particular product, program, or service namesoutside the United States.

All third-party product and service names are trademarks or registeredtrademarks of their respective owners.

Billing For printed documents, MasterCard will bill principal members. Pleaserefer to the appropriate MasterCard Consolidated Billing System (MCBS)document for billing-related information.

Information AvailableOnline

MasterCard provides details about the standards used for thisdocument—including times expressed, language use, and contactinformation—on the Member Publications Support page available onMasterCard OnLine®. Go to Member Publications Support for centralizedinformation.

Translation A translation of any MasterCard manual, bulletin, release, or otherMasterCard document into a language other than English is intended solelyas a convenience to MasterCard members and other customers. MasterCardprovides any translated document to its members and other customers “ASIS” and makes no representations or warranties of any kind with respectto the translated document, including, but not limited to, its accuracy orreliability. In no event shall MasterCard be liable for any damages resultingfrom members’ and other customers’ reliance on any translated document.The English version of any MasterCard document will take precedence overany translated version in any legal proceeding.

Publication Code PSP

©2010 MasterCard1 April 2011 • M/Chip Card Personalization Standard Profiles

../MCBS/Menu_MCBS.html

../Support/Menu_Support.html

Summary of Changes, 1 April 2011This document reflects changes associated with the 1 April 2011 update. Some of the changes thatwere previously identified in the Errata, published in 9 February 2011, have been incorporatedin this update and are outlined in the Summary of Changes. To locate these changes online, onthe Adobe toolbar, click Find. In the Find box, type *chg*, and then press ENTER. To move tothe next change, press ENTER again.

Description of Change Where to Look

To ensure that members have access to current contact information and standardsused for MasterCard documentation, MasterCard has created the MemberPublications Support page. As a result, MasterCard has removed some contentfrom this document, including times expressed, language use, and contactinformation, which members now can find online.

Member PublicationsSupport page onMasterCard OnLine®

Added Profile 06 to Chapter 5. Profile 06: Maestroonline only with nooffline CAM

Added Chapter 8 Chapter 8

Added Profile 33 to Chapter 6. Profile 33:MasterCard/DebitMasterCard online onlywith no offline CAM –offline PIN

Added Profile 34 to Chapter 6. Profile 34:MasterCard/DebitMasterCard online onlywith no offline CAMand no offline PIN

Added Cirrus® to standard profiles list in Overview section. Revisions toparagraphs.

Overview of StandardProfiles

Revised paragraphs in Card Functions section. Card Functions

Revised paragraphs in Online Processing section. Online Processing

Modified images to add new profiles, Cirrus profile, and change Office to Offline. Chapter 3

Added table entries and footnotes. Issuer-Defined DataElements

Revised sentence in Risk Management section throughout manual. Issuer RiskManagement

Modified Mandatory Value for Application Label to Maestro or MAESTROthroughout manual.

Modified Mandatory Value for Log Entry to Determined by issuer throughoutmanual.

Removed Application Transaction Counter Limit and Previous Transaction Historyfrom Data Element List throughout manual.

Data Element List

©2010 MasterCardM/Chip Card Personalization Standard Profiles • 1 April 2011 1

Description of Change Where to Look

Removed card must be able to operate offline from several areas throughoutmanual.

Profile 11:MasterCard/DebitMasterCard with SDAand offline PIN—FullChip Issuer (1)

Added asterick next to Signature under Cardholder Verfication section throughoutmanual.

Cardholder Verification

Revised sentence under Application Usage Control section throughout manual. Application UsageControl

Modified Mandatory Value for Application Label to MasterCard or MASTERCARDor Debit MasterCard or DEBIT MASTERCARD throughout manual.

Data Element List

Removed (zero not allowed) from Upper Consecutive Offline Limit and UpperCumulative Offline Transaction Amount throughout manual.

Data Element List

Modified Mandatory Value for CVM List from 5E03 to 1E03 throughout manual. Data Element List

Modified Mandatory Value for Application Control in Profile 15. Data Element List

Revised paragraphs in Profile 29. Profile 29:MasterCard/DebitMasterCard with SDAand signature—MagStripe Grade Issuerwhere issuer cannotinterpret TVR/CVR (2)

Revised paragraphs in Profile 31.

Modified Mandatory Value for Signed Static Application Data.

Profile 31:MasterCard/DebitMasterCard with SDAand signature—MagStripe Grade Issuer (4)

Modified Mandatory Value for Application Label to MC Electronic or MCELECTRONIC.

Data Element List

Modified Mandatory Values for Lower Consecutive Offline Limit, UpperConsecutive Offline Limit, Lower Cumulative Offline Transaction Amount, andUpper Cumulative Offline Transaction Acount in Profile 51, 52, and 53.

Data Element List

©2010 MasterCard2 1 April 2011 • M/Chip Card Personalization Standard Profiles

Table of Contents

Chapter 1 Using this Document ..................................................................... 1-iPurpose.................................................................................................................................... 1-1

Related Information ........................................................................................................... 1-1

Audience.................................................................................................................................. 1-1

Benefits .................................................................................................................................... 1-2

Support .................................................................................................................................... 1-2

Overview of Standard Profiles ................................................................................................. 1-2

Chapter 2 Principles and Issuer Decisions...................................................... 2-iCard Application ...................................................................................................................... 2-1

Card Functions......................................................................................................................... 2-1Contact Payment................................................................................................................ 2-1MasterCard Authentication Solutions for Chip ................................................................... 2-1

File Structures .......................................................................................................................... 2-3

Issuer Host Grade Processing .................................................................................................. 2-3Chip Host Grade................................................................................................................ 2-3Mag Stripe Host Grade....................................................................................................... 2-3

Card Authentication ................................................................................................................. 2-4

Cardholder Verification ............................................................................................................ 2-4

Online Processing.................................................................................................................... 2-5Exclusively-Online Cards ................................................................................................... 2-5Online-Preferring Cards ..................................................................................................... 2-5

Debit MasterCard ..................................................................................................................... 2-5

Chapter 3 Selecting a Profile .......................................................................... 3-iAsia Pacific Region .................................................................................................................. 3-1

Canada Region......................................................................................................................... 3-2

Europe Region ......................................................................................................................... 3-3

Latin America and the Caribbean Region................................................................................. 3-4

South Asia/Middle East/Africa Region ..................................................................................... 3-5

Chapter 4 Issuer-Defined Data Elements....................................................... 4-iIssuer-Defined Data Elements.................................................................................................. 4-1

©2010 MasterCardM/Chip Card Personalization Standard Profiles • 1 April 2011 i

Table of Contents

Chapter 5 Standard Profiles for Maestro....................................................... 5-iProfile 01: Maestro with SDA—Full Chip Issuer ...................................................................... 5-1

Cardholder Verification ...................................................................................................... 5-1Application Usage Control ................................................................................................. 5-1Application Interchange Profile ......................................................................................... 5-1Issuer Risk Management .................................................................................................... 5-1MasterCard Authentication Solutions for Chip ................................................................... 5-3Data Element List ............................................................................................................... 5-3

Profile 02: Maestro with DDA—Full Chip Issuer ..................................................................... 5-6Cardholder Verification ...................................................................................................... 5-7Application Usage Control ................................................................................................. 5-7Application Interchange Profile ......................................................................................... 5-7Issuer Risk Management .................................................................................................... 5-7MasterCard Authentication Solutions for Chip ................................................................... 5-9Data Element List ............................................................................................................... 5-9

Profile 03: Maestro with CDA and DDA—Full Chip Issuer.................................................... 5-13Cardholder Verification .................................................................................................... 5-13Application Usage Control ............................................................................................... 5-13Application Interchange Profile ....................................................................................... 5-13Issuer Risk Management .................................................................................................. 5-13MasterCard Authentication Solutions for Chip ................................................................. 5-15Data Element List ............................................................................................................. 5-15

Profile 04: Maestro with SDA—Mag Stripe Grade Issuer where issuer can interpretTVR/CVR................................................................................................................................ 5-18

Cardholder Verification .................................................................................................... 5-19Application Usage Control ............................................................................................... 5-19Application Interchange Profile ....................................................................................... 5-19Issuer Risk Management .................................................................................................. 5-19MasterCard Authentication Solutions for Chip ................................................................. 5-20Data Element List ............................................................................................................. 5-20

Profile 05: Maestro with SDA—Mag Stripe Grade Issuer where issuer cannot interpretTVR/CVR................................................................................................................................ 5-23


Profile 06: Maestro online only with no offline CAM ............................................................ 5-28Cardholder Verification .................................................................................................... 5-28Application Usage Control ............................................................................................... 5-28Application Interchange Profile ....................................................................................... 5-28

©2010 MasterCardii 1 April 2011 • M/Chip Card Personalization Standard Profiles

Table of Contents

Issuer Risk Management .................................................................................................. 5-29MasterCard Authentication Solutions for Chip ................................................................. 5-29Data Element List ............................................................................................................. 5-29

Chapter 6 Standard Profiles for MasterCard/Debit MasterCard .................. 6-iProfile 11: MasterCard/Debit MasterCard with SDA and offline PIN—Full Chip Issuer(1) ............................................................................................................................................ 6-1


Profile 12: MasterCard/Debit MasterCard with SDA and offline PIN—Full Chip Issuer(2) ............................................................................................................................................ 6-7

Cardholder Verification ...................................................................................................... 6-7Application Usage Control ................................................................................................. 6-7Application Interchange Profile ......................................................................................... 6-8Issuer Risk Management .................................................................................................... 6-8MasterCard Authentication Solutions for Chip ................................................................. 6-10Data Element List ............................................................................................................. 6-10

Profile 13: MasterCard/Debit MasterCard with SDA and offline PIN—Full Chip Issuer(3) .......................................................................................................................................... 6-13


Profile 14: MasterCard/Debit MasterCard with SDA and signature—Full Chip Issuer(1) .......................................................................................................................................... 6-19

Overview ......................................................................................................................... 6-19Cardholder Verification .................................................................................................... 6-20Application Usage Control ............................................................................................... 6-20Application Interchange Profile ....................................................................................... 6-20Issuer Risk Management .................................................................................................. 6-20MasterCard Authentication Solutions for Chip ................................................................. 6-21Data Element List ............................................................................................................. 6-21

Profile 15: MasterCard/Debit MasterCard with SDA and signature—Full Chip Issuer(2) .......................................................................................................................................... 6-25

Cardholder Verification .................................................................................................... 6-25Application Usage Control ............................................................................................... 6-26Application Interchange Profile ....................................................................................... 6-26

©2010 MasterCardM/Chip Card Personalization Standard Profiles • 1 April 2011 iii

Table of Contents

Issuer Risk Management .................................................................................................. 6-26MasterCard Authentication Solutions for Chip ................................................................. 6-27Data Element List ............................................................................................................. 6-27

Profile 16: MasterCard/Debit MasterCard with DDA and offline PIN—Full Chip Issuer(1) .......................................................................................................................................... 6-31






Profile 19: MasterCard/Debit MasterCard with DDA and signature—Full Chip Issuer(1) .......................................................................................................................................... 6-49


Profile 20: MasterCard/Debit MasterCard with DDA and signature—Full Chip Issuer(2) .......................................................................................................................................... 6-55

Cardholder Verification .................................................................................................... 6-56Application Usage Control ............................................................................................... 6-56Application Interchange Profile ....................................................................................... 6-56Issuer Risk Management .................................................................................................. 6-56MasterCard Authentication Solutions for Chip ................................................................. 6-57

©2010 MasterCardiv 1 April 2011 • M/Chip Card Personalization Standard Profiles

Table of Contents

Data Element List ............................................................................................................. 6-57

Profile 21: MasterCard/Debit MasterCard with CDA/DDA and offline PIN—Full ChipIssuer (1)................................................................................................................................ 6-61


Profile 22: MasterCard/Debit MasterCard with CDA/DDA and signature—Full Chip Issuer(2) .......................................................................................................................................... 6-67


Profile 23: MasterCard/Debit MasterCard with SDA and offline PIN—Mag Stripe GradeIssuer where issuer can interpret TVR/CVR........................................................................... 6-73


Profile 24: MasterCard/Debit MasterCard with SDA and offline PIN—Mag Stripe GradeIssuer where issuer cannot interpret TVR/CVR (1) ................................................................ 6-79




©2010 MasterCardM/Chip Card Personalization Standard Profiles • 1 April 2011 v

Table of Contents





Profile 28: MasterCard/Debit MasterCard with SDA and signature—Mag Stripe GradeIssuer where issuer cannot interpret TVR/CVR (1) ...............................................................6-103

Cardholder Verification ...................................................................................................6-103Application Usage Control ..............................................................................................6-104Application Interchange Profile ......................................................................................6-104Issuer Risk Management .................................................................................................6-104MasterCard Authentication Solutions for Chip ................................................................6-105Data Element List ............................................................................................................6-106

Profile 29: MasterCard/Debit MasterCard with SDA and signature—Mag Stripe GradeIssuer where issuer cannot interpret TVR/CVR (2) ...............................................................6-109


Profile 30: MasterCard/Debit MasterCard with SDA and signature—Mag Stripe GradeIssuer (3)...............................................................................................................................6-115


Profile 31: MasterCard/Debit MasterCard with SDA and signature—Mag Stripe GradeIssuer (4)...............................................................................................................................6-121

Cardholder Verification ...................................................................................................6-122

©2010 MasterCardvi 1 April 2011 • M/Chip Card Personalization Standard Profiles

Table of Contents

Application Usage Control ..............................................................................................6-122Application Interchange Profile ......................................................................................6-122Issuer Risk Management .................................................................................................6-122MasterCard Authentication Solutions for Chip ................................................................6-124Data Element List ............................................................................................................6-125

Profile 32: MasterCard/Debit MasterCard with SDA and signature—Full Chip Issuer(3) .........................................................................................................................................6-128


Profile 33: MasterCard/Debit MasterCard online only with no offline CAM – offlinePIN........................................................................................................................................6-134


Profile 34: MasterCard/Debit MasterCard online only with no offline CAM and no offlinePIN........................................................................................................................................6-138


Chapter 7 Standard Profiles for MasterCard Electronic................................ 7-iProfile 51: MasterCard Electronic with no offline CAM and offline PIN—Full ChipIssuer ....................................................................................................................................... 7-1


Profile 52: MasterCard Electronic with no offline CAM and signature—Full ChipIssuer ....................................................................................................................................... 7-5

Cardholder Verification ...................................................................................................... 7-5Application Usage Control ................................................................................................. 7-5

©2010 MasterCardM/Chip Card Personalization Standard Profiles • 1 April 2011 vii

Table of Contents

Application Interchange Profile ......................................................................................... 7-5Issuer Risk Management .................................................................................................... 7-5MasterCard Authentication Solutions for Chip ................................................................... 7-6Data Element List ............................................................................................................... 7-6

Profile 53: MasterCard Electronic with DDA and offline PIN—Full Chip Issuer...................... 7-9Cardholder Verification ...................................................................................................... 7-9Application Usage Control ................................................................................................. 7-9Application Interchange Profile ......................................................................................... 7-9Issuer Risk Management .................................................................................................. 7-10MasterCard Authentication Solutions for Chip ................................................................. 7-10Data Element List ............................................................................................................. 7-10

Chapter 8 Standard Profiles for Cirrus........................................................... 8-iProfile 81: Cirrus...................................................................................................................... 8-1


Appendix A Supplementary Data Elements Per Card Version .....................A-iCounter Limits and Previous Transaction.................................................................................A-1

Counters and Data Elements with a Fixed Initial Value...........................................................A-1

©2010 MasterCardviii 1 April 2011 • M/Chip Card Personalization Standard Profiles

Chapter 1 Using this DocumentThis chapter outlines the standardized sets of card personalization data that an issuer can usefor their M/Chip 4 cards to meet most common business requirements for contact payments, andchip authentication.

Purpose.......................................................................................................................................... 1-1

Related Information ................................................................................................................. 1-1

Audience........................................................................................................................................ 1-1

Benefits .......................................................................................................................................... 1-2

Support .......................................................................................................................................... 1-2

Overview of Standard Profiles ....................................................................................................... 1-2

©2010 MasterCardM/Chip Card Personalization Standard Profiles • 1 April 2011 1-i

Using this DocumentPurpose

PurposeThis document provides a set of standard card personalization profiles thatissuers can use to personalize M/Chip 4 cards.

The profiles cover requirements for:

• Contact interface

• MasterCard Authentication Solutions for Chip

The standard card personalization profiles presented in this document areoptional and designed to address common issuing requirements in each marketand region that is migrating to chip technology.

Issuers are recommended to contact their MasterCard regional office to checkon the standard profiles which are fine tuned to their specific country orregion’s market requirements. Profiles are not restricted to a specific region,although they are designed with the needs of a region in mind.

If a standard profile is not used, issuers must still respect the chip personalizationrequirements detailed in:

• MasterCard Authentication Solutions for Chip (MAS4C): PersonalizationProfiles For M/Chip 4 Using PLA Technology (AA4C) and CAP Technology(CAP)

• M/Chip Personalization Data Specifications and Profiles

Related Information

The following documents provide information related to the subjects discussedin this manual:

• M/Chip Processing Services—Service Description

• M/Chip Requirements

For definitions of key terms used in this document, please refer to theMasterCard Dictionary on the Member Publications home page (on MasterCardOnLine® and the MasterCard Electronic Library CD-ROM).

AudienceThis document is intended for use by issuers, personalization bureaus, andprocessors involved in the issuance and personalization of M/Chip 4 basedcards.

©2010 MasterCardM/Chip Card Personalization Standard Profiles • 1 April 2011 1-1

Using this Document

Benefits

BenefitsBy using these standard card personalization profiles, issuers gain the followingbenefits:• Define parameters that are accurate for the specific market and product

proposition• Avoid or reduce the time (and implicit costs) needed to analyze MasterCard

documentation to determine what personalization parameters to use• Have off-the-shelf card personalization profiles with defined characteristics

that are compliant with the recommendations and the mandates expressedin MasterCard personalization requirements

• A reduction in the time and administration necessary to complete CardPersonalization Validation (CPV)

Issuers are able to perform their own analysis to determine their individualcard personalization parameters. However, in doing so, issuers must balancethe time, effort and costs of this analysis against the benefits that may beachieved by using the standard card personalization parameters provided inthis document.

MasterCard recommends using a Standard Profile wherever one is available tomeet an issuer’s business requirements.

SupportFor support and assistance with implementing the standard card profiles pre-sented in this document, please contact [email protected].

Overview of Standard Profiles *chg*

Standard Profiles are available for the following brands:• Cirrus®

• Maestro®

• MasterCard®/Debit MasterCard®

• MasterCard® Electronic™

Standard Profiles are available for the following regions:• Asia Pacific• Canada• Europe• Latin America, Caribbean• South Asia, Middle East, Africa

The Standard Profiles are designed to meet the usual business requirements forthe market. When using a Standard Profile, all values defined by the profilemust be used without alteration. Any changes made mean that the settings arenot consistent with the standard profile and a full CPV certification is required.

©2010 MasterCard1-2 1 April 2011 • M/Chip Card Personalization Standard Profiles

mailto:[email protected]

Using this Document

Overview of Standard Profiles

The Standard Profiles are for use with the M/Chip 4 platform. Depending onthe standard card personalization profile used, the chip application will beM/Chip 4 Lite or M/Chip 4 Select.

These profiles are suitable for issuers subscribing to the M/Chip CryptogramPre-validation Service or to the Combined Service Option as defined in M/ChipProcessing Services—Service Description.

The Standard Profiles provide all the necessary personalization parametersexcept for those that are card specific (such as PAN) and a limited number thatare specific to the issuer and their situation, and must therefore be defined bythe issuer, such as country code, currency code, issuer keys and certificatesand offline limits.

All standard card personalization profiles use “semi-grade” or “mag stripe grade”card settings. The use of the semi-grade setting improves the card acceptance insome countries where the Issuer Authentication Data is sometimes not deliveredto the card after an online authorization. A transaction can be approved evenif an ARPC is not received but the offline risk control counters are not reset,ensuring the card does not approve subsequent transactions without properissuer control.


Chapter 2 Principles and Issuer DecisionsThe following chapter defines card usage, types, and the requirements for using standard profiles.

Card Application ............................................................................................................................ 2-1

Card Functions............................................................................................................................... 2-1

Contact Payment...................................................................................................................... 2-1

MasterCard Authentication Solutions for Chip ......................................................................... 2-1

File Structures ................................................................................................................................ 2-3

Issuer Host Grade Processing ........................................................................................................ 2-3

Chip Host Grade...................................................................................................................... 2-3

Mag Stripe Host Grade............................................................................................................. 2-3

Card Authentication ....................................................................................................................... 2-4

Cardholder Verification .................................................................................................................. 2-4

Online Processing.......................................................................................................................... 2-5

Exclusively-Online Cards ......................................................................................................... 2-5

Online-Preferring Cards ........................................................................................................... 2-5

Debit MasterCard ........................................................................................................................... 2-5


Principles and Issuer DecisionsCard Application

Card ApplicationStandard Profiles are for use with cards using an M/Chip 4 application.

If the card supports a dynamic offline card authentication method (CAM), anM/Chip Select application must be used. If the card does not support dynamicoffline CAM, an M/Chip Lite, or an M/Chip Select application may be used.

M/Chip 4 version 1.1a or 1.1b may be used. Either version supports theMasterCard SKD method for the AC key derivation used in these profiles.

Standard profiles cannot be used with older versions of M/Chip, such asM/Chip 2.1.

Card Functions

Contact Payment

Standard Profiles are used with cards that support a single payment application.

Standard Profiles do not support cards with multiple payment applications,although the personalization values listed may be used on different applicationsand submitted to the CPV process. *chg*

A separate application for MasterCard Authentication Solutions for Chip may beused with a Standard Profile.

MasterCard Authentication Solutions for Chip *chg*

Standard profiles may be used with a separate MasterCard AuthenticationSolutions for Chip application.

The card may also be personalized to support MasterCard AuthenticationSolutions for Chip (MAS4C) as part of the payment application. MasterCardsuggests adding this personalization option to all cards even if the issuer has noshort term plans to implement MAS4C.

The Chip Authentication Program (CAP) is a cardholder authentication methodwhich builds upon the authentication capabilities provided by EMV. CAP usesan EMV chip card and a Personal Card Reader (PCR) to generate a CAP Token.

The Advanced Authentication for Chip (AA4C) further develops CAP. It is basedon the PLA specification and:

• Accommodates cards that do not support offline (plaintext) PIN verification1

• Generates a CAP Token using either numeric or alphanumeric characters

1. PCRs compliant with this new specification skip the requirement for PIN entry when the EMVcard does not indicate support for offline (plaintext) PIN in the CVM List. Successful offlinePIN Verification is required if the card supports offline (plaintext) PIN.


Principles and Issuer Decisions

Card Functions

The personalization settings described in this document support both CAP andAA4C solutions depending on the capability of the Personal Card Reader. If theStandard Profile does not support offline plain text PIN, then AA4C PersonalCard Reader must be used.

Two additional data elements must be personalized when using StandardProfiles to support MAS4C as described in this document:

• Issuer Authentication Flags (tag “9F55”)

• Issuer Proprietary Bitmap (tag “9F56”)

Partial personalization (for example, IPB personalized on the card but no IAFpersonalized) is not accepted. Both data elements (IPB and IAF) must beretrievable using READ RECORD (AFL) only (No FCI Template).

A CAP token of a maximum of 8 characters (alphanumeric) or 12 digits(numeric) is produced by these settings, depending on the type of personalcard reader used with the card.

If an issuer decides to use a standard payment profile described in thisdocument without IAF and IPB and add a separate cardholder authenticationapplication (CAA), then the personalization of the CAA must comply with thepersonalization profiles defined to support MAS4C and approval will follow thenormal Card Personalization Verification procedure.

In order to validate a CAP Token, the issuer’s CAP Token Validation Service(CTVS) must be able to manage the Application Transaction Counter (ATC) andcompute the Application Cryptogram based on the data carried by the CAPToken and other values known to the CTVS (static or derived). It is part of thebasic security requirements to check the ATC values in order to counter replayattacks. Cross contamination between payment and authentication may bemitigated and controlled using a set of straightforward rules and checks. Tosupport mag stripe grade issuers and others wanting to implement MAS4C withlittle host system impact, MasterCard provides on behalf of CTVS.



File Structures

File StructuresIssuers are free to develop their own file structures on their chip cards forcontact payments, but it must not conflict with the PayPass requirements if thecard supports a dual interface.

Issuer Host Grade Processing

Chip Host Grade

With Chip Host Grade, the issuer host system is able to receive chip data,validate the ARQC cryptogram, analyze the TVR and CVR, and use theinformation to influence the authorization decision. An ARPC is generated withthe authorization response.

If the issuer has Chip Host Grade, the card will be configured as “semi-grade.”This means that, in order to improve acceptance where there may be issuesin the acquirer infrastructure, this profile will approve transactions approvedonline even if no ARPC is provided to the card. To ensure a high level of riskcontrol, offline counters are not reset unless the card receives a valid ARPC.

Issuers that subscribe to the M/Chip Cryptogram Pre-validation Service or tothe Combined Service Option as defined in M/Chip Processing Services—ServiceDescription are considered as operating in Chip Host Grade.

Mag Stripe Host Grade

With Mag Stripe Host Grade, the issuer host system is not able to generate anARPC with the authorization response.

The issuer may or may not be able to interpret the TVR and CVR received withthe authorization message and influence the authorization response accordingly.This capability will influence several settings on the card and is therefore usedto help define mag-stripe grade profiles.

If the issuer has Mag Stripe Host Grade, the card will be configured as“mag-stripe grade.” In this profile the card will approve transactions approvedonline with no ARPC and the offline counters on the card are reset. Usingmag-stripe grade introduces extra risk for the issuer as a stolen card can havethe offline counters reset by a fraudster without any cryptographic control.

Issuers that subscribe to the M/Chip Conversion Service as defined in M/ChipProcessing Services—Service Description are considered as operating inMag-Stripe Host Grade.



Card Authentication

Card AuthenticationProfiles support:

• SDA—where simple static data authentication is acceptable to the issuerfor offline transactions

• DDA—where dynamic data authentication is required by the issuer foroffline transactions

• SDA and DDA on the same card—is not supported in these profiles

• CDA—where dynamic data authentication is required by the issuer foroffline transactions using the Combined Data Authentication that links theauthentication to the card transaction decision. DDA is also supportedwhen the card supports CDA as CDA support is not currently mandated onterminals. SDA is not supported in these profiles

• No offline CAM—where the card is an online only card

CDA profiles should only be used in markets where the local terminalinfrastructure supports all currently valid MasterCard public keys.

If the card supports dynamic offline CAM methods, an M/Chip Select applicationmust be used. If the card does not support dynamic offline CAM, an M/ChipLite application may be used. *chg*

Issuers must follow the requirements in the M/Chip Requirements to ensure anappropriate CAM is used for the product and region in which the card is issued.

Cardholder VerificationAll Standard Profiles support online PIN for ATMs. Every profile has “onlinePIN if unattended cash” or “online PIN if the terminal supports” as the firstentry in the CVM list.

Offline PIN must be supported for Maestro and may be supported forMasterCard and MasterCard Electronic.

If the card supports offline PIN, then:

• Offline—plain text PIN is used on SDA cards and cards that do not supportan offline CAM

• Offline—enciphered PIN and offline, plain text PIN (in that order) are usedon DDA capable cards

The offline enciphered PIN uses the DDA key

For MasterCard and MasterCard Electronic, online PIN may be preferred tosignature at the POS.

If offline PIN fails or PIN entry is not possible for online PIN, the transactionmay be declined offline or may result in an online authorization. Where theissuer has a mag-stripe grade host and is not able to interpret the TVR/CVR andoffline PIN is used, these transactions should be declined offline.


Principles and Issuer DecisionsOnline Processing

Online Processing

Exclusively-Online Cards

An exclusively-online card never approves a transaction offline. If onlineauthorization is not available, the card declines offline. *chg*

Cirrus and MasterCard Electronic® cards must be personalized to be exclusivelyonline. Maestro® cards and certain MasterCard card programs may beexclusively online. Refer to the M/Chip Requirements manual.

Unless the card also supports encrypted offline PIN, or the issuer operateswith a mag-stripe grade host, an exclusively-online card should not supportoffline CAM.

If the card does support encrypted offline PIN, or the issuer host is mag-stripegrade, the card is made exclusively online by the CIAC settings. Issuers arerecommended to use DDA cards in this situation.

Exclusively online cards should be personalized with their upper offline limitsset to zero.

Online-Preferring Cards *chg*

Online-preferring cards always request an online authorization, but may accepttransactions offline in certain situations (that is, when an online connection isnot available). Maestro and MasterCard cards may be online-preferring.

Cards that normally work online should be personalized with their lower offlinelimits set to zero. The card may also be personalized as online-preferring bythe CIAC settings. Using the lower offline limits makes it easier to changethe status of the card post issuance. *chg*

MasterCard cards, unless Unembossed MasterCard or part of a prepaid program,should be able to authorize a controlled amount of transactions at offlineterminals and should not be personalized to routinely decline all offlinetransactions.

Debit MasterCardIf the MasterCard Standard Profiles are used for Debit MasterCard, the settingsdefined in this book will change as follows:

• The Application Label (tag 50) should be “Debit MasterCard.”

• The Application Usage Control (tag 9F07) should be “FFC0” to allow forcash back.


Chapter 3 Selecting a ProfileMembers should check with their MasterCard Regional Office to confirm which Standard Profiles areappropriate for their market.

The tables in this chapter indicate which profiles are available in each region and the decision criteriafor identifying which profile is appropriate to the issuer’s needs.

Asia Pacific Region......................................................................................................................... 3-1

Canada Region............................................................................................................................... 3-2

Europe Region ............................................................................................................................... 3-3

Latin America and the Caribbean Region....................................................................................... 3-4

South Asia/Middle East/Africa Region ........................................................................................... 3-5


Selecting a Profile

Asia Pacific Region

Asia Pacific Region *chg*

Ten Standard Profiles have been defined for different business requirements inthe Asia Pacific region for the MasterCard product.


Selecting a Profile

Canada Region

Canada Region *chg*

Seven Standard Profiles have been defined for different business requirementsin the Canada region for the MasterCard product.


Selecting a ProfileEurope Region

Europe Region *chg*

Thirteen Standard Profiles have been defined for different business requirementsin the Europe region.


Selecting a Profile

Latin America and the Caribbean Region

Latin America and the Caribbean Region *chg*

Fourteen Standard Profiles have been defined for different businessrequirements in the Latin America and the Caribbean region.


Selecting a Profile

South Asia/Middle East/Africa Region

South Asia/Middle East/Africa Region *chg*

Ten Standard Profiles have been defined for different business requirements inthe South Asia/Middle East/Africa region.


Chapter 4 Issuer-Defined Data ElementsThe following data elements are defined by the issuer and are not fixed per the Standard Profile.

Issuer-Defined Data Elements........................................................................................................ 4-1


Issuer-Defined Data ElementsIssuer-Defined Data Elements

Issuer-Defined Data ElementsData elements marked with an asterisk (*) are optional. *chg*

Data Element Name Tag Value *chg*

AC Master Key (MKAC) N/A Determined by issuer

Application Currency Code*1 9F42 Determined by issuer

Application Currency Exponent *1 9F44 Determined by issuer

Application Effective Date* 5F25 Determined by issuer

Application Expiration Date 5F24 Determined by issuer

Application File Locator 94 Determined by issuer

Application Life Cycle Data 9F7E Determined by issuer

Application Preferred Name* 9F12 Determined by issuer.

Application Primary Account Number 5A Determined by issuer

Application Primary Account NumberSequence Number2

5F34 Determined by issuer

bit 8 must be 0 = Application maybe selected without confirmation ofcardholder

Application Priority Indicator 87

bits 4–1: priority of the application-determined by issuer. Normally‘0001’ for a card supporting just oneapplication.

Cardholder Name3 5F20

Cardholder Name Extended* 9F0B Determined by issuer

CRM Country Code C8 Same value as Issuer Country Codetag 5F28

Must not be ‘0000’

CRM Currency Code *chg*C9 *chg*Same value as Application Currency *chg*Code tag 9F42 (if present)

1. Mandatory for Standard Profile 31.

2. Use of the Application PAN Sequence Number is mandatory as it is used by the M/Chip 4application in the AC key derivation.

3. The Cardholder Name must not be present on the contactless interface.




Currency Conversion Table *chg*D1 *chg*Determined by the issuer (in case *chg*that one or several entries are notused, please set these entries withCRM Currency Code).

FCI Issuer Discretionary Data*4 *chg*BF0C *chg*9F 4D020Bxx (xx is the number of *chg*records for log file).

Issuer Country Code 5F28 Country code of the bank issuingthe card

Issuer Code Table* *chg*9F11 *chg*Supports the character set of the *chg*Application Preferred Name.

Must be present if ApplicationPreferred Name (tag 9F12) ispresent.

Key Derivation Index N/A Determined by issuer

Language Preference* 5F2D Determined by issuer

Log Entry (in the FCI)* 4 *chg*9F4D *chg*Byte 1: Lower bits contain the SFI *chg*of the cyclic transaction log file(11). Byte 2: Maximum number ofrecords in the transaction log file.

Lower Consecutive Offline Limit5 9F14 Determined by issuer *chg*

Lower Cumulative Offline TransactionAmount6

CA Determined by issuer *chg*

Reference (Offline) PIN*7 N/A Determined by issuer

SM for Confidentiality Master Key(MKSMC)*

N/A Determined by issuer

SM for Integrity Master Key (MKSMI)* N/A Determined by issuer

Track 1 Discretionary Data* 9F1F Determined by issuer

Track 2 Discretionary Data* 9F20 Determined by issuer

4. If either FCI Issuer Discrtionary Data (BF0C) or Log Entry (9F4D) is present then the othermust also be present.

5. An online preferring card may set the LCOL to zero

6. An online preferring card may set the LCOTA to zero.

7. Only required if card supports offline PIN




Track 2 Equivalent Data 57 Determined by issuer

Upper Consecutive Offline Limit8 9F23 Determined by issuer

Upper Cumulative Offline TransactionAmount9

CB Determined by issuer

See also the card counter and limits data elements shown in AppendixA—Supplementary Data Elements per Card Version.

8. The UCOL may only be set to zero for certain MasterCard card programs.

9. The UCOTA may only be set to zero for certain MasterCard card programs.


Chapter 5 Standard Profiles for MaestroThis chapter details the Standard Profiles that are available to an issuer for use with the Maestroproduct.

Profile 01: Maestro with SDA—Full Chip Issuer ............................................................................ 5-1


Application Usage Control ....................................................................................................... 5-1

Application Interchange Profile ............................................................................................... 5-1

Issuer Risk Management .......................................................................................................... 5-1


Data Element List ..................................................................................................................... 5-3

Profile 02: Maestro with DDA—Full Chip Issuer ........................................................................... 5-6







Profile 03: Maestro with CDA and DDA—Full Chip Issuer.......................................................... 5-13

Cardholder Verification .......................................................................................................... 5-13

Application Usage Control ..................................................................................................... 5-13

Application Interchange Profile ............................................................................................. 5-13

Issuer Risk Management ........................................................................................................ 5-13

MasterCard Authentication Solutions for Chip ....................................................................... 5-15

Data Element List ................................................................................................................... 5-15

Profile 04: Maestro with SDA—Mag Stripe Grade Issuer where issuer can interpretTVR/CVR...................................................................................................................................... 5-18







Profile 05: Maestro with SDA—Mag Stripe Grade Issuer where issuer cannot interpretTVR/CVR...................................................................................................................................... 5-23



Standard Profiles for Maestro






Profile 06: Maestro online only with no offline CAM .................................................................. 5-28







©2010 MasterCard5-ii 1 April 2011 • M/Chip Card Personalization Standard Profiles

Standard Profiles for MaestroProfile 01: Maestro with SDA—Full Chip Issuer

Profile 01: Maestro with SDA—Full Chip IssuerThis Standard Profile is for the issuer of Maestro cards supporting SDA in aFull Chip grade host processing environment or the issuer is using one of theappropriate MasterCard on-behalf services.

The card supports offline PIN (plain text) which is preferred to online PIN atthe POS. The card will always use online PIN at ATMs. Signature and No CVMare not supported. If offline PIN fails or if PIN entry is bypassed or not possible,the card will try to go online and decline the transaction if this is not possible.

The card may operate offline and Lower and Upper Limit parameters areused in risk management to decide whether to accept the transaction offlineor to request an online authorization. The card may be configured as onlinepreferring.

NOTE

This profile will normally be implemented on M/Chip 4 Lite. This profile may be implementedon M/Chip 4 Select.


The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions) or Manual

Cash (cash advance)*• Offline plain text PIN*, if the terminal is able to perform it• Online PIN* for other cases (such as any terminal does not support offline

PIN)* If these CVM are not successful, then CVM processing has failed.

Application Usage Control

The card is valid for any domestic and international use, for example: Goods,Services, Cash, and Cash Back.

The card can be used at ATM, POS, and any other devices.

Application Interchange Profile

Functions that the card requests:• SDA• Terminal Risk Management• Cardholder Verification

Issuer Risk Management

Risk management is performed by the terminal via Issuer Action codes (IAC)and by the card via Card Issuer Action Codes during each transaction.



The settings for risk management are:• If offline CAM is not performed, then the transaction must go online. If it is

not possible to go online, then the transaction is rejected.• If SDA fails, then the transaction must go online. If it is not possible to go

online, then the transaction is rejected.• If ICC Data is missing, then the transaction must go online. If it is not

possible to go online, then the transaction is rejected.• If the card appears on an exception file, then the transaction must go

online. If it is not possible to go online, then the transaction is rejected.• If the card application has expired, then the transaction must go online. If it

is not possible to go online, then the transaction is rejected.• If the card application is not yet effective, then the transaction must go

online. If it is not possible to go online, then the transaction is acceptedoffline.

• If card usage is not allowed, then the transaction must go online. If it is notpossible to go online, then the transaction is rejected.

• If the card is a new card then no action is taken on this issue. *chg*

• If the cardholder verification is unsuccessful, then the transaction must goonline. If it is not possible to go online, then the transaction is rejected.

• If the offline PIN fails (or if the offline PIN try limit is exceeded), thenthe transaction must go online. If it is not possible to go online, then thetransaction is rejected.

• If the PIN is bypassed, then the transaction must go online. If it is notpossible to go online, then the transaction is rejected.

• If the PIN pad is not working, then the transaction must go online. If it isnot possible to go online, then the transaction is rejected.

• If the terminal erroneously considers the offline PIN to be approved, but ithas not been approved by the card, then the transaction must go online. Ifit is not possible to go online, then the transaction is rejected.

• If the transaction amount exceeds the terminal floor limit, then thetransaction must go online. If it is not possible to go online, then thetransaction is rejected.

• If the terminal forces the transaction online, then the transaction must goonline. If it is not possible to go online, then the transaction is acceptedoffline.

• If the merchant forces the transaction online, then the transaction must goonline. If it is not possible to go online, then the transaction is acceptedoffline.

• If the Lower Consecutive Offline Limit is exceeded (for a transactionperformed in a non-issuer currency), then the transaction must go online. Ifit is not possible to go online, then the transaction is accepted offline.

• If the Lower Cumulative Offline Transaction Amount is exceeded (for atransaction performed in the issuer currency), then the transaction must goonline. If it is not possible to go online, then the transaction is acceptedoffline.

• If the Upper Consecutive Offline Limit is exceeded (for a transactionperformed in a non-issuer currency), then the transaction must go online. Ifit is not possible to go online, then the transaction is rejected.



• If the Upper Cumulative Offline Transaction Amount is exceeded (for atransaction performed in the issuer currency), then the transaction must goonline. If it is not possible to go online, then the transaction is rejected.

• If the transaction is international, the card takes no action on this issue. Thecard may alternatively request that the transaction go online. If it is notpossible to go online, then the transaction is accepted offline.

• If the transaction is domestic, the card takes no action on this issue. Thecard may alternatively request that the transaction go online. If it is notpossible to go online, then the transaction is accepted offline.

• It is more flexible to make the card “on-line preferring,” if required, bysetting the LCOL and LCOA to zero, as this can be updated in the futureby a script command.

MasterCard Authentication Solutions for Chip

Cards supporting this profile may optionally support MAS4C (CAP and AA4C)by adding the optional data elements (both IAF and IPB).

Data Element List

Table 5.1—Data Element List

Data Element Name Tag Mandatory Value

AC Master Key (MKAC) Determined by issuer

Application Control D5 84 00

Application Currency Code 9F42 Determined by issuer

Application Currency Exponent 9F44 Determined by issuer

Application Effective Date 5F25 Determined by issuer



Application Identifier if card supportsa PSE

4F Same value as Dedicated File Name tag84

Application Interchange Profile 82 58 00

Application Label 50 Maestro or MAESTRO *chg*


Application Preferred Name 9F12 Presence and value determined by issuer

Application Primary AccountNumber

5A Determined by issuer




Application Primary AccountNumber Sequence Number


Bit 8 must be 0 = Application maybe selected without confirmation ofcardholder


Bits 4–1: priority of the application-determined by issuer

Application Usage Control 9F07 FFC0

Application Version Number 9F08 00 02

Card Issuer Action Code—Decline C3 00 00 00

Card Issuer Action Code—Default C4 39 50 00

Card Issuer Action Code—Online C5 39 FB 00

3F FB 00 may be used to make the card“online preferring”

Cardholder Name 5F20 Determined by issuer

Cardholder Name Extended 9F0B Determined by issuer

CDOL 1 8C M/Chip Lite: 9F 02 06 9F 03 06 9F 1A 0295 05 5F 2A 02 9A 03 9C 01 9F 37 04 9F35 01 9F 45 02 9F 34 03

M/Chip Select: 9F 02 06 9F 03 06 9F 1A02 95 05 5F 2A 02 9A 03 9C 01 9F 37 049F 35 01 9F 45 02 9F 4C 08 9F 34 03

CDOL 2 8D M/Chip Lite: 91 0A 8A 02 95 05

M/Chip Select: 91 0A 8A 02 95 05 9F 3704 9F 4C 08

CDOL 1 Related Data Length C7 M/Chip Lite: 23

M/Chip Select: 2B

Certification Authority Public KeyIndex

8F Determined by issuer/personalizationsystem

CRM Country Code C8 Same value as Issuer Country Code tag5F28

CRM Currency Code C9 Same value as Application CurrencyCode tag 9F42

CVM List 8E 00000000 00000000 4201 0204 0103 0200

Currency Conversion table D1 Determined by issuer (in case that oneor several entries are not used, pleaseset these entry(ies) with CRM CurrencyCode)




Dedicated File Name 84 A0000000043060

Default ARPC Response Code D6 0010

FCI Issuer Discretionary Data BF0C Determined by issuer *chg*

Issuer Action Code—Default 9F0D F0 50 BC 80 00

Issuer Action Code—Denial 9F0E 00 00 00 00 00

Issuer Action Code—Online 9F0F F0 70 BC 98 00

Issuer Authentication Flags (if cardsupports MasterCard AuthenticationSolutions for Chip)

9F55 F0

Issuer Code Table Index 9F11 Supports the character set of theApplication Preferred Name

Issuer Country Code 5F28 Country code of the bank issuing the card

Issuer Public Key Certificate 90 Calculated by MasterCard CertificationAuthority

Issuer Public Key Exponent 9F32 03

Issuer Public Key Remainder 92 Calculated by MasterCard CertificationAuthority

Issuer Proprietary Bitmap (if cardsupports MasterCard AuthenticationSolutions for Chip)

9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00

Key Derivation Index Determined by issuer

Language Preference 5F2D Determined by issuer

Log Entry (in the FCI) 9F4D Determined by issuer

Lower Consecutive Offline Limit 9F14 Determined by issuer

Lower Cumulative OfflineTransaction Amount

CA Determined by issuer

PIN Try Counter 9F17 03 or greater

PIN Try Limit N/A 03 or greater

Reference (Offline) PIN N/A Determined by issuer


Standard Profiles for MaestroProfile 02: Maestro with DDA—Full Chip Issuer


DAC: Determined by issuer/personaliza-tion system

5F 25: Application Effective Date

5F 24: Application Expiration Date

9F 07: Application Usage Control

5A: Application PAN

5F 34: Application PAN Sequence No.

8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online

5F28: Issuer Country Code

Signed Static Application Data 93

9F4A: Static Data Authentication Tag List

SM for Confidentiality Master Key(MKSMC)

Determined by issuer

SM for Integrity Master Key (MKSMI) Determined by issuer

Static Data Authentication Tag List 9F4A 82

Track 1 Discretionary Data 9F1F Determined by issuer

Track 2 Discretionary Data 9F20 Determined by issuer


Upper Consecutive Offline Limit 9F23 Determined by issuer

Upper Cumulative OfflineTransaction Amount



Profile 02: Maestro with DDA—Full Chip IssuerThis Standard Profile is for the issuer of Maestro cards supporting DDA in aFull Chip grade host processing environment or the issuer uses one of theappropriate MasterCard on-behalf services.



The card supports offline PIN (enciphered or plain text) which is preferred toonline PIN at the POS. The card will always use online PIN at ATMs. Signatureand No CVM are not supported. If offline PIN fails or if PIN entry is bypassedor not possible, the card will try to go online and decline the transactionif this is not possible.


NOTE

This profile must be implemented on M/Chip 4 Select.



Cash (cash advance)*• Offline enciphered or plain text PIN*, if the terminal is able to perform it• Online PIN* for other cases (such as any terminal does not support offline






Functions that the card requests:• DDA• Terminal Risk Management• Cardholder Verification




not possible to go online, then the transaction is rejected.• If DDA fails, then the transaction must go online. If it is not possible to go

online, then the transaction is rejected.



• If ICC Data is missing, then the transaction must go online. If it is notpossible to go online, then the transaction is rejected.

• If the card appears on an exception file, then the transaction must goonline. If it is not possible to go online, then the transaction is rejected.

• If the card application has expired, then the transaction must go online. If itis not possible to go online, then the transaction is rejected.

• If the card application is not yet effective, then the transaction must goonline. If it is not possible to go online, then the transaction is acceptedoffline.



• If the cardholder verification fails, then the transaction must go online. If itis not possible to go online, then the transaction is rejected.



















Data Element List













Application Preferred Name 9F12 Presence and value determined byissuer







bits 4–1: priority of the application-determined by issuer












CDOL 1 8C 9F 02 06 9F 03 06 9F 1A 02 95 05 5F 2A02 9A 03 9C 01 9F 37 04 9F 35 01 9F 4502 9F 4C 08 9F 34 03

CDOL 2 8D 91 0A 8A 02 95 05 9F 37 04 9F 4C 08

CDOL 1 Related Data Length C7 2B





CVM List 8E 00000000 00000000 4201 0204 44030103 0200


DDOL 9F49 9F3704



FCI Issuer Discretionary Data BF0C Determined by issuer




Static Data to be authenticated




5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online



8C: CDOL1

ICC Public Key Certificate 9F46

8D: CDOL2

ICC Public Key Exponent 9F47 03

ICC Public Key Remainder 9F48 Determined by issuer/personalizationsystem

Issuer Action Code—Default 9F0D B8 50 BC 80 00


Issuer Action Code—Online 9F0F B8 70 BC 98 00


9F55 F0


Issuer Country Code 5F28 Country code of the bank issuing thecard





9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00






Log Entry (in the FCI) 9F4D Determined by issuer *chg*



















Standard Profiles for MaestroProfile 03: Maestro with CDA and DDA—Full Chip Issuer

Profile 03: Maestro with CDA and DDA—Full Chip IssuerThis Standard Profile is for the issuer of Maestro cards supporting CDA andDDA in a Full Chip grade host processing environment or the issuer uses oneof the appropriate MasterCard on-behalf services.

The card supports offline PIN (enciphered or plain text) which is preferred toonline PIN at the POS. The card will always use online PIN at ATMs. Signatureand No CVM are not supported. If offline PIN fails or if PIN entry is bypassedor not possible, the card will try to go online and decline the transactionif this is not possible.


NOTE




Cash (cash advance)*• Offline enciphered or plain text PIN*, if the terminal is able to perform it• Online PIN* for other cases (such as any terminal does not support offline






Functions that the card requests:• CDA and DDA• Terminal Risk Management• Cardholder Verification







online, then the transaction is rejected.• If CDA fails, then the transaction must go online. If it is not possible to go























• If the transaction is domestic, the card takes no action on this issue. The cardmay alternatively request that the transaction go online. If it is not possibleto go online, then the transaction is accepted offline. It is more flexible tomake the card “on-line preferring”, if required, by setting the LCOL andLCOA to zero, as this can be updated in the future by a script command.



Data Element List

















bit 8 must be 0 = Application may beselected without confirmation of cardholder



















5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online



8C: CDOL1


8D: CDOL2


ICC Public Key Remainder 9F48Determined by issuer/personalizationsystem

DDOL 9F49 9F3704


4F Same value as Dedicated File Name tag 84







Issuer Code Table Index 9F11 Supports the character set of the ApplicationPreferred Name










CRM Currency Code C9 Same value as Application Currency Codetag 9F42

Currency Conversion table D1 Determined by issuer (in case that one orseveral entries are not used, please set theseentry(ies) with CRM Currency Code)

CRM Country Code C8 Same value as Issuer Country Code tag 5F28










Issuer Action Code—Online 9F0F BC 70 BC 98 00

Issuer Action Code—Default 9F0D BC 50 BC 80 00

CVM List 8E 00000000 00000000 4201 0204 4403 01030200


Standard Profiles for MaestroProfile 04: Maestro with SDA—Mag Stripe Grade Issuer where issuer can interpret TVR/CVR








Application Control D5 8C 00

CDOL 1 8C 9F 02 06 9F 03 06 9F 1A 02 95 05 5F 2A 029A 03 9C 01 9F 37 04 9F 35 01 9F 45 02 9F4C 08 9F 34 03

CDOL 2 8D 91 0A 8A 02 95 05 9F 37 04 9F 4C 08



9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 00 0000 00 30 00 FF 00 00 00


Profile 04: Maestro with SDA—Mag Stripe Grade Issuerwhere issuer can interpret TVR/CVR

This Standard Profile is for the issuer of Maestro cards supporting SDA in a MagStripe grade host processing environment. However, the issuer can interpret theTVR and CVR received in authorization messages and take action accordingly.

The card supports offline PIN (plain text) but online PIN is always preferred.The card will always use online PIN at ATMs. Signature and No CVM are notsupported. If offline PIN fails or if PIN entry is bypassed or not possible, thecard will try to go online and decline the transaction if this is not possible.

The card may not operate offline and will decline transactions that are notapproved online.



NOTE

This profile is normally implemented on M/Chip 4 Lite. The profile may be implemented on M/Chip4 Select.


The Cardholder Verification Method list is:

• Online PIN, if the terminal is able to perform it

• Offline plain text PIN*, if the terminal is able to perform it

* If this CVM is not successful, then CVM processing has failed.


The card is valid for any domestic and international use, for example: Goods,Services, Cash, and Cash Back. The issuer may choose not to support domesticCash Back on the card.



Functions that the card requests:

• SDA

• Terminal Risk Management

• Cardholder Verification



The card is configured as “online only” and will never approve an offlinetransaction.

The settings for risk management are:

• If the transaction is an international transaction, then the transaction mustgo online. If it is not possible to go online, then the transaction is rejected.

• If the transaction is a domestic transaction, then the transaction must goonline. If it is not possible to go online, then the transaction is rejected.

• If the transaction is “unable to go online” the transaction is rejected.




Cards supporting this profile may optionally support MAS4C (CAP and AA4C)by adding the optional data elements (both IAF and IPB). The CAP TokenValidation requires ATC management and AC validation by the issuer usingeither a hosted CTVS or delegating the CAP Token validation to a third party,for example: MasterCard On Behalf Service.

Data Element List




































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online











(FF 40 may alternatively be used ifdomestic Cash Back is not supported)













Currency Conversion table D1 Determined by issuer (in case that oneor several entries are not used, please setthese entry(ies) with CRM Currency Code)











Issuer Action Code—Online 9F0F F0 70 BC 98 00

Issuer Action Code—Default 9F0D F0 50 BC 88 00

CVM List 8E 00000000 00000000 4203 0103


Card Issuer Action Code—Online C5 3F FB 00

Card Issuer Action Code—Default C4 7F 50 00



M/Chip Select: 2B



Standard Profiles for MaestroProfile 05: Maestro with SDA—Mag Stripe Grade Issuer where issuer cannot interpret TVR/CVR








9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 05: Maestro with SDA—Mag Stripe Grade Issuerwhere issuer cannot interpret TVR/CVR

This Standard Profile is for the issuer of Maestro cards supporting SDA in a MagStripe grade host processing environment. The issuer cannot interpret the TVRand CVR received in authorization messages. The issuer will decline offlinetransactions where offline PIN errors occur.

The card supports offline PIN (plain text) but online PIN is always preferred.The card will always use online PIN at ATMs. Signature and No CVM are notsupported. If offline PIN fails or if PIN entry is bypassed or not possible, thetransaction will be declined.

The card may not operate offline and will decline transactions that are notapproved online.

NOTE



The Cardholder Verification Method list is:• Online PIN*, if the terminal is able to perform it



• Offline plain text PIN*, if the terminal is able to perform it

* If these CVM are not successful, then CVM processing has failed.






• SDA







• If the cardholder verification fails, then the transaction the transaction isrejected offline.

• If the offline PIN fails (or if the offline PIN try limit is exceeded), then thetransaction the transaction is rejected offline.

• If the PIN is bypassed, then the transaction is rejected offline.

• If the terminal erroneously considers the offline PIN to be approved, but ithas not been approved by the card, then the transaction is rejected offline.


• If the transaction is a domestic transaction, then the transaction must goonline. If it is not possible to go online, then the transaction is rejected.



Cards supporting this profile may optionally support MAS4C (CAP and AA4C)by adding the optional data elements (both IAF and IPB). The CAP TokenValidation requires ATC management and AC validation by the issuer usingeither a hosted CTVS or delegating the CAP Token validation to a third party(for example, MasterCard On–behalf Service).



Data Element List




































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online







Application Label 50 MAESTRO or Maestro *chg*


























Issuer Action Code—Denial 9F0E 00 00 A8 00 00

Issuer Action Code—Online 9F0F F0 70 14 98 00

Issuer Action Code—Default 9F0D F0 50 14 88 00

CVM List 8E 00000000 00000000 0203 0103






M/Chip Select: 2B








Standard Profiles for MaestroProfile 06: Maestro online only with no offline CAM



9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00

See also the card counter and limits data elements shown in AppendixA—Supplementary Data Elements per Card Version. *chg*

Profile 06: Maestro online only with no offline CAMThis Standard Profile is for the issuer of online only Maestro cards.

The card supports offline PIN (plain text) which is preferred to online PIN at thePOS. The card will always use online PIN at ATMs. Signature and No CVM arenot supported. If offline PIN fails or if PIN Entry is bypassed or not possible,the card will try to go online and decline the transaction if this is not possible.

The card may not operate offline and offline CAM is not supported.

This profile may be implemented on M/Chip 4 Lite or on M/Chip 4 Select.


The Cardholder Verification Method List is:• Online PIN, if transaction is Unattended Cash (ATM transactions) or Manual

Cash (cash advance).• Offline plain text PIN*, if the terminal is able to process this method.• Online PIN* for other cases such as any Terminal does not support offline

PIN.*If these CVM are not successful, then CVM processing has failed.


The card is valid for any Domestic and International usage (Good, Services,Cash, Cash Back).

The card can be used at ATM, POS and any other devices.


Functions that the card requests to be done are:• Terminal Risk Management• Cardholder Verification




Risk management may be performed by the Terminal via the Issuer Actioncodes (IAC) and by the Card via the Card Issuer Action Codes (CIAC) duringeach transaction.

The card is configured as online only so will never approve an offlinetransaction.


• If the transaction is an International Transaction, then the transaction mustgo online. If it is not possible to go online then the transaction is rejected.

• If the transaction is a Domestic Transaction, then the transaction must goonline. If it is not possible to go online then the transaction is rejected.



Data Element List



























8F N/A

Issuer Public Key Certificate 90 N/A

Issuer Public Key Remainder 92 N/A

Issuer Public Key Exponent 9F32 N/A

Static Data Authentication Tag List 9F4A N/A

Signed Static Application Data 93 N/A

Application Identifier if cardsupports a PSE









Lower Consecutive Offline Limit 9F14 00

Upper Consecutive Offline Limit 9F23 00


CA 00000000000


CB 00000000000





Currency Conversion Table D1 Determined by issuer (in case that one orseveral entries are not used, please setthese entry with CRM Currency Code)





SM for Integrity Master Key(MKSMI)







Issuer Action Code—Online 9F0F B0 70 BC 98 00

Issuer Action Code—Default 9F0D B0 50 BC 88 00

CVM List 8E 00000000 00000000 4201 0204 0103 0200

Card Issuer Action Code – Decline C3 00 00 00

Card Issuer Action Code – Online C5 3F FB 00

Card Issuer Action Code – Default C4 7F 50 00


M/Chip Lite: 23CDOL 1 Related Data Length C7

M/Chip Select: 2B


M/Chip Lite: 9F 02 06 9F 03 06 9F 1A 0295 05 5F 2A 02 9A 03 9C 01 9F 37 04 9F35 01 9F 45 02 9F 34 03

CDOL 1 8C


M/Chip Lite: 91 0A 8A 02 95 05CDOL 2 8D






Issuer Authentication Flags (If cardsupports MasterCard AuthenticationSolutions for Chip)

9F55 F0

Issuer Proprietary Bitmap(If cardsupports MasterCard AuthenticationSolutions for Chip)

9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00

See also the card counter and limits data elements shown in AppendixA—Supplementary Data Elements per Card Version


Chapter 6 Standard Profiles for MasterCard/DebitMasterCard

This chapter details the Standard Profiles that are available to an issuer for use with theMasterCard/Debit MasterCard® product.

Profile 11: MasterCard/Debit MasterCard with SDA and offline PIN—Full Chip Issuer (1) ........... 6-1







Profile 12: MasterCard/Debit MasterCard with SDA and offline PIN—Full Chip Issuer (2) ........... 6-7







Profile 13: MasterCard/Debit MasterCard with SDA and offline PIN—Full Chip Issuer (3)........... 6-13







Profile 14: MasterCard/Debit MasterCard with SDA and signature—Full Chip Issuer (1)............ 6-19

Overview ............................................................................................................................... 6-19







Profile 15: MasterCard/Debit MasterCard with SDA and signature—Full Chip Issuer (2)............ 6-25


Standard Profiles for MasterCard/Debit MasterCard







Profile 16: MasterCard/Debit MasterCard with DDA and offline PIN—Full Chip Issuer(1) ................................................................................................................................................ 6-31

Overview ............................................................................................................................... 6-31





















Profile 19: MasterCard/Debit MasterCard with DDA and signature—Full Chip Issuer (1)........... 6-49






©2010 MasterCard6-ii 1 April 2011 • M/Chip Card Personalization Standard Profiles



Profile 20: MasterCard/Debit MasterCard with DDA and signature—Full Chip Issuer (2)........... 6-55







Profile 21: MasterCard/Debit MasterCard with CDA/DDA and offline PIN—Full Chip Issuer(1) ................................................................................................................................................ 6-61







Profile 22: MasterCard/Debit MasterCard with CDA/DDA and signature—Full Chip Issuer(2) ................................................................................................................................................ 6-67

Overview ............................................................................................................................... 6-67







Profile 23: MasterCard/Debit MasterCard with SDA and offline PIN—Mag Stripe Grade Issuerwhere issuer can interpret TVR/CVR ........................................................................................... 6-73







Profile 24: MasterCard/Debit MasterCard with SDA and offline PIN—Mag Stripe Grade Issuerwhere issuer cannot interpret TVR/CVR (1) ................................................................................ 6-79



©2010 MasterCardM/Chip Card Personalization Standard Profiles • 1 April 2011 6-iii



























Profile 28: MasterCard/Debit MasterCard with SDA and signature—Mag Stripe Grade Issuerwhere issuer cannot interpret TVR/CVR (1) ...............................................................................6-103

Cardholder Verification .........................................................................................................6-103

Application Usage Control ....................................................................................................6-104

Application Interchange Profile ............................................................................................6-104

Issuer Risk Management .......................................................................................................6-104

MasterCard Authentication Solutions for Chip ......................................................................6-105

Data Element List ..................................................................................................................6-106

©2010 MasterCard6-iv 1 April 2011 • M/Chip Card Personalization Standard Profiles


Profile 29: MasterCard/Debit MasterCard with SDA and signature—Mag Stripe Grade Issuerwhere issuer cannot interpret TVR/CVR (2) ...............................................................................6-109







Profile 30: MasterCard/Debit MasterCard with SDA and signature—Mag Stripe Grade Issuer(3) ...............................................................................................................................................6-115







Profile 31: MasterCard/Debit MasterCard with SDA and signature—Mag Stripe Grade Issuer(4) ...............................................................................................................................................6-121







Profile 32: MasterCard/Debit MasterCard with SDA and signature—Full Chip Issuer (3) ...........6-128







Profile 33: MasterCard/Debit MasterCard online only with no offline CAM – offline PIN ...........6-134






©2010 MasterCardM/Chip Card Personalization Standard Profiles • 1 April 2011 6-v



Profile 34: MasterCard/Debit MasterCard online only with no offline CAM and no offlinePIN..............................................................................................................................................6-138







©2010 MasterCard6-vi 1 April 2011 • M/Chip Card Personalization Standard Profiles

Standard Profiles for MasterCard/Debit MasterCardProfile 11: MasterCard/Debit MasterCard with SDA and offline PIN—Full Chip Issuer (1)

Profile 11: MasterCard/Debit MasterCard with SDA andoffline PIN—Full Chip Issuer (1)

This Standard Profile is for the issuer of MasterCard cards supporting SDA andoffline PIN in a Full Chip grade host processing environment or the issuer usesone of the appropriate MasterCard on-behalf services.

The card supports offline PIN (plain text) which is preferred to signature, whichis preferred to online PIN at the POS. The card will always use online PIN atATMs. No CVM is also supported. If offline PIN fails or if PIN entry is bypassedor not possible, the card will try to go online and decline the transactionif this is not possible.

This profile differs from Profile 12 in that signature is preferred to online PIN atthe POS. The profile differs from Profile 13 in that PIN issues lead to an onlineauthorization request rather than an offline decline. *chg*

Lower and Upper Limit parameters are used in risk management to decidewhether to accept the transaction offline or to request an online authorization.The Upper Limits may not normally be set to zero on a MasterCard product.The card may be configured as online preferring.

NOTE




• Online PIN, if transaction is Unattended Cash (ATM transactions)

• Offline plain text PIN, if the terminal is able to perform it

• Signature*, if the terminal is able to perform it *chg*

• Online PIN for other cases (such as any terminal that does not supportoffline PIN or signature and certain Cardholder Activated Terminals)

• No CVM* (no verification of the cardholder), for certain CardholderActivated Terminals



The card is valid for any domestic and international usage, including Goods,Services, or Cash. Cash Back is not supported for MasterCard. *chg*

For Debit MasterCard, Cash Back must be supported.







Risk management is performed by the terminal via the Issuer Action Codes(IAC) and by the card via the Card Issuer Action Codes (CIAC) during eachtransaction.













• If the PIN pad is not working then no action is taken on this issue. *chg*


• If the transaction amount exceeds the terminal floor limit, then thetransaction must go online. If it is not possible to go online, then thetransaction is accepted offline.














Data Element List







Application Primary Account NumberSequence Number




























5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online










Application Label 50 MASTERCARD or MasterCard or *chg*

Debit MasterCard or DEBITMASTERCARD



Application Usage Control 9F07 FF00 or

FFC0 for Debit MasterCard





Lower Cumulative Offline TransactionAmount


Upper Cumulative Offline TransactionAmount

















Issuer Action Code—Online 9F0F F0 70 AC 98 00

Issuer Action Code—Default 9F0D F0 50 AC 00 00

CVM List 8E 00000000 00000000 4201 4103 1E03 4203 *chg*1F03






CDOL 1 Related Data Length C7

M/Chip Lite: 23

M/Chip Select: 2B








9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00






The card supports offline PIN (plain text) which is preferred to online PIN,which is preferred to signature at the POS. The card will always use onlinePIN at ATMs. No CVM is also supported. If offline PIN fails or if PIN entryis bypassed or not possible, the card will try to go online and decline thetransaction if this is not possible.

This profile differs from Profile 11 in that online PIN is preferred to signature atthe POS. *chg*


NOTE






• Online PIN for other cases (such as any terminal that does not supportoffline PIN and certain Cardholder Activated Terminals)

• Signature* if the terminal is able to perform it *chg*




The card is valid for any domestic and international usage, including Goods,Services, or Cash. Cash Back is not supported for MasterCard























• If the transaction amount exceeds the terminal floor limit, then thetransaction must go online. If it is not possible to go online, then thetransaction rejected.


• If the merchant forces the transaction online, then the transaction must goonline. If it is not possible to go online, then the transaction is declined.










• The offline transaction counters will be reset whenever a transaction isapproved, even if there is no ARPC.





Data Element List



































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online







Application Label 50 MasterCard or MASTERCARD or *chg*









Upper Consecutive Offline Limit 9F23 Determined by issuer *chg*







CB Determined by issuer *chg*















CVM List 8E 00000000 00000000 4201 4103 4203 1E03 *chg*1F03







M/Chip Lite: 23

M/Chip Select: 2B











9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00




The card supports offline PIN (plain text) which is preferred to signature, whichis preferred to online PIN at the POS. The card will always use online PIN atATMs. No CVM is also supported. If offline PIN fails or if PIN entry is bypassedor not possible, the card will try to go online and decline the transactionif this is not possible.

The profile differs from Profile 11 in that PIN issues lead to an offline declinerather than an online authorization request. *chg*


NOTE





The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Offline plain text PIN, if the terminal is able to perform it• Signature*, if the terminal is able to perform it *chg*

• Online PIN for other cases (such as any terminal that does not supportoffline PIN or signature and certain Cardholder Activated Terminals)

• No CVM* (no verification of the cardholder), for certain CardholderActivated Terminals* If this CVM is not successful, then CVM processing has failed.





















• If the offline PIN fails (or if the offline PIN try limit is exceeded), thenthe transaction is rejected.

• If the PIN is bypassed, then the transaction is rejected.• If the PIN pad is not working, then no action is taken on this issue. *chg*











• It is more flexible to make the card “on-line preferring”, if required, bysetting the LCOL and LCOA to zero, as this can be updated in the futureby a script command.





Data Element List




































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online






































CVM List 8E 00000000 00000000 4201 4103 1E03 4203 *chg*1F03



07 FB 00 may be used to make the card“online preferring”




M/Chip Lite: 23

M/Chip Select: 2B




Standard Profiles for MasterCard/Debit MasterCardProfile 14: MasterCard/Debit MasterCard with SDA and signature—Full Chip Issuer (1)







9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 14: MasterCard/Debit MasterCard with SDA andsignature—Full Chip Issuer (1)

Overview

This Standard Profile is for the issuer of MasterCard cards supporting SDA andno offline PIN in a Full Chip grade host processing environment or the issueruses one of the appropriate MasterCard on-behalf services.

The card does not support offline PIN. Online PIN is preferred to signatureat the POS. The card will always use online PIN at ATMs. No CVM is alsosupported. If PIN entry is bypassed, the card will try to go online and declinethe transaction if this is not possible.


The profile is online preferring. Upper Limit parameters are used in riskmanagement to decide whether to accept the transaction offline if onlineauthorization is not completed. The Upper Limits may not normally be set tozero on a MasterCard product.

NOTE





The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Online PIN, if the terminal is able to perform it• Signature*, if the terminal is able to perform it *chg*






















• If the PIN is bypassed, then the transaction must go online. If it is notpossible to go online, then the transaction is accepted.




• If the merchant forces the transaction online, then the transaction must goonline. If it is not possible to go online, then the transaction is acceptedrejected.





• International transactions must go online. If it is not possible to go online,then the transaction is accepted.

• Domestic Transactions must go online. If it is not possible to go online,then the transaction is accepted.



Cards supporting this profile may optionally support MAS4C (AA4C) by addingthe optional data elements (both IAF and IPB).

Data Element List






































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online



























PIN Try Limit N/A 01

PIN Try Counter 9F17 01

Reference (Offline) PIN N/A N/A







Issuer Action Code—Online 9F0F F0 70 8C 98 00


CVM List 8E 00000000 00000000 4201 4203 1E03 1F03 *chg*






M/Chip Lite: 23

M/Chip Select: 2B











9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00




The card does not support offline PIN. Signature is preferred to online PINat the POS. The card will always use online PIN at ATMs. No CVM is alsosupported. If PIN entry is bypassed, the card will try to go online and declinethe transaction if this is not possible.

This profile differs from Profile 14 in that signature is preferred to online PIN atthe POS. *chg*

Lower and Upper Limit parameters are used in risk management to decidewhether to accept the transaction offline or to request an online authorization.The Upper Limits may not normally be set to zero on a MasterCard product.Internationally, the card is online preferring. The card may be configured asonline preferring domestically also.

NOTE

This profile normally is implemented on M/Chip 4 Lite. The profile may be implemented on M/Chip4 Select.







• Online PIN for other cases such as certain Cardholder Activated Terminals• No CVM* (no verification of the cardholder), for certain Cardholder

Activated Terminals* If this CVM is not successful, then CVM processing has failed.




































Data Element List






































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online







Application Label 50 MasterCard or MASTERCARD or






























Issuer Action Code—Default 9F0D F0 50 8C 08 00

CVM List 8E 00000000 00000000 4201 1E03 4203 1F03 *chg*



06 FB 00 may be used to make thecard “online preferring” in a domesticenvironment




M/Chip Lite: 23

M/Chip Select: 2B




Standard Profiles for MasterCard/Debit MasterCardProfile 16: MasterCard/Debit MasterCard with DDA and offline PIN—Full Chip Issuer (1)







9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 16: MasterCard/Debit MasterCard with DDA andoffline PIN—Full Chip Issuer (1)

Overview

This Standard Profile is for the issuer of MasterCard cards supporting DDA andoffline PIN in a Full Chip grade host processing environment or the issuer usesone of the appropriate MasterCard on-behalf services.

The card supports offline PIN (enciphered or plain text) which is preferred tosignature, which is preferred to online PIN at the POS. The card will alwaysuse online PIN at ATMs. No CVM is also supported. If offline PIN fails or ifPIN entry is bypassed or not possible, the card will try to go online and declinethe transaction if this is not possible.

This profile differs from Profile 17 in that signature is preferred to online PIN atthe POS. The profile differs from Profile 18 in that PIN issues lead to an onlineauthorization request rather than an offline decline. *chg*


NOTE





The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Offline enciphered or plain text PIN, if the terminal is able to perform it• Signature*, if the terminal is able to perform it *chg*

• Online PIN for other cases (such as any terminal that does not supportoffline PIN or signature such as certain Cardholder Activated Terminals)








































Data Element List





























































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online



8C: CDOL1


8D: CDOL2



DDOL 9F49 9F3704








Issuer Action Code—Online 9F0F B8 70 AC 98 00

Issuer Action Code—Default 9F0D B8 50 AC 00 00

CVM List 8E 00000000 00000000 4201 4403 4103 1E03 *chg*4203 1F03












CDOL 2 8D 91 0A 8A 02 95 05 9F 37 04 9F 4C 08



9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00




The card supports offline PIN (enciphered and plain text) which is preferred toonline PIN, which is preferred to signature at the POS. The card will alwaysuse online PIN at ATMs. No CVM is also supported. If offline PIN fails or ifPIN entry is bypassed or not possible, the card will try to go online and declinethe transaction if this is not possible.





NOTE



The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Offline enciphered or plain text PIN, if the terminal is able to perform it• Online PIN for other cases (such as any terminal that does not support

offline PIN such as certain Cardholder Activated Terminals)• Signature*, if the terminal is able to perform it *chg*














online. If it is not possible to go online, then the transaction is rejected.














• If the merchant forces the transaction online, then the transaction must goonline. If it is not possible to go online, then the transaction is rejected.













Data Element List




































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online



8C: CDOL1


8D: CDOL2



DDOL 9F49 9F3704












FFC0 or FF40 for Debit MasterCard


























CVM List 8E 00000000 00000000 4201 4403 4103 4203 *chg*1E03 1F03









CDOL 2 8D 91 0A 8A 02 95 05 9F 37 04 9F 4C 08



9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00




The card supports offline PIN (enciphered and plain text) which is preferred tosignature, which is preferred to online PIN at the POS. The card will alwaysuse online PIN at ATMs. No CVM is also supported. If offline PIN fails or ifPIN entry is bypassed or not possible, the card will try to go online and declinethe transaction if this is not possible.



The profile differs from Profile 16 in that PIN issues lead to an offline declinerather than an online authorization request. *chg*


NOTE















not possible to go online, then the transaction is rejected.



• If DDA fails, then the transaction must go online. If it is not possible to goonline, then the transaction is rejected.

• If ICC Data is missing, then the transaction must go online. If it is notpossible to go online, then the transaction is rejected.

• If the card appears on an exception file, then the transaction must goonline. If it is not possible to go online, then the transaction is rejected.






• If the offline PIN fails (or if the offline PIN try limit is exceeded), thenthe transaction is rejected.

• If the PIN is bypassed, then the transaction is rejected.• If the PIN pad is not working then no action is taken on this issue. *chg*
















Data Element List




































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online



8C: CDOL1


8D: CDOL2



DDOL 9F49 9F3704





Debit MasterCard or DEBIT MASTERCARD

















Currency Conversion table D1 Determined by issuer (in case that one orseveral entries are not used, please set theseentry(ies) with CRM Currency Code)











Issuer Action Code—Online 9F0F B8 70 84 98 00

Issuer Action Code—Default 9F0D B8 50 84 00 00

CVM List 8E 00000000 00000000 4201 4403 4103 1E03 *chg*4203 1F03



Standard Profiles for MasterCard/Debit MasterCardProfile 19: MasterCard/Debit MasterCard with DDA and signature—Full Chip Issuer (1)



07 FB 00 may be used to make the card“online preferring”





CDOL 1 8C 9F 02 06 9F 03 06 9F 1A 02 95 05 5F 2A 02 *chg*9A 03 9C 01 9F 37 04 9F 35 01 9F 45 02 9F4C 08 9F 34 03

CDOL 2 8D 91 0A 8A 02 95 05 9F 37 04 9F 4C 08



9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 00 0000 00 30 00 FF 00 00 00


Profile 19: MasterCard/Debit MasterCard with DDA andsignature—Full Chip Issuer (1)

This Standard Profile is for the issuer of MasterCard cards supporting DDA andno offline PIN in a Full Chip grade host processing environment or the issueruses one of the appropriate MasterCard on-behalf services.

The card does not support offline PIN. online PIN is preferred to signatureat the POS. The card will always use online PIN at ATMs. No CVM is alsosupported. If PIN entry is bypassed, the card will try to go online and acceptthe transaction offline if this is not possible.





NOTE



The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Online PIN, if the terminal is able to perform it• Signature*, if the terminal is able to perform it *chg*















is not possible to go online, then the transaction is rejected.







• If the PIN is bypassed, then the transaction must go online. If it is notpossible to go online, then the transaction is accepted.




• If the merchant forces the transaction online, then the transaction must goonline. If it is not possible to go online, then the transaction is acceptedrejected.












Data Element List



































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online



8C: CDOL1


8D: CDOL2



DDOL 9F49 9F3704

































Issuer Action Code—Online 9F0F B8 70 8C 98 00


CVM List 8E 00000000 00000000 4201 4203 1E03 1F03 *chg*











CDOL 2 8D 91 0A 8A 02 95 05 9F 37 04 9F 4C 08



9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 20: MasterCard/Debit MasterCard with DDA andsignature—Full Chip Issuer (2)

This Standard Profile is for the issuer of MasterCard cards supporting DDA andno offline PIN in a Full Chip grade host processing environment or the issueruses one of the appropriate MasterCard on-behalf services.



Upper Limit parameters are used in risk management to decide whether toaccept the transaction offline if online authorization is not completed. TheUpper Limits may not normally be set to zero on a MasterCard product. Theprofile is online preferring internationally. Domestically, the card may beconfigured as online preferring.

NOTE

This profile must be implemented M/Chip 4 Select.




The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Signature*, if the terminal is able to perform it *chg*






































Data Element List






































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online



8C: CDOL1


8D: CDOL2



DDOL 9F49 9F3704


































Issuer Action Code—Default 9F0D B8 50 8C 88 00

CVM List 8E 00000000 00000000 4201 1E03 4203 1F03 *chg*



06 FB 00 may be used to make thecard "online preferring" in a domesticenvironment






Standard Profiles for MasterCard/Debit MasterCardProfile 21: MasterCard/Debit MasterCard with CDA/DDA and offline PIN—Full Chip Issuer (1)



CDOL 2 8D 91 0A 8A 02 95 05 9F 37 04 9F 4C 08



9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 21: MasterCard/Debit MasterCard with CDA/DDAand offline PIN—Full Chip Issuer (1)

This Standard Profile is for the issuer of MasterCard cards supporting CDA andDDA and offline PIN in a Full Chip grade host processing environment or theissuer uses one of the appropriate MasterCard on-behalf services.

The card supports offline PIN (enciphered or plain text) which is preferred tosignature, which is preferred to online PIN at the POS. The card will alwaysuse online PIN at ATMs. No CVM is also supported. If offline PIN fails or ifPIN entry is bypassed or not possible, the card will try to go online and declinethe transaction if this is not possible.

This profile differs from Profile 22 in that the card supports offline PIN. *chg*


NOTE















































Data Element List




































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online



8C: CDOL1


8D: CDOL2



DDOL 9F49 9F3704

































Issuer Action Code—Online 9F0F BC 70 AC 98 00

Issuer Action Code—Default 9F0D BC 50 AC 00 00

CVM List 8E 00000000 00000000 4201 4403 4103 1E03 *chg*4203 1F03









Standard Profiles for MasterCard/Debit MasterCardProfile 22: MasterCard/Debit MasterCard with CDA/DDA and signature—Full Chip Issuer (2)



CDOL 2 8D 91 0A 8A 02 95 05 9F 37 04 9F 4C 08



9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 22: MasterCard/Debit MasterCard with CDA/DDAand signature—Full Chip Issuer (2)

Overview

This Standard Profile is for the issuer of MasterCard cards supporting CDA andDDA and no offline PIN in a Full Chip grade host processing environment orthe issuer uses one of the appropriate MasterCard on-behalf services.


This profile differs from Profile 21 in that off-line PIN is not supported. *chg*

Lower and Upper Limit parameters are used in risk management to decidewhether to accept the transaction offline or to request an online authorization.The Upper Limits may not normally be set to zero on a MasterCard product.Internationally, the profile is online preferring. Domestically, the card maybe configured as online preferring.

NOTE










































Data Element List






































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online



8C: CDOL1


8D: CDOL2


ICC Public Key Remainder 9F48 Determined by issuer/personalizationsystem

DDOL 9F49 9F3704

































Issuer Action Code—Online 9F0F BC 70 8C 98 00

Issuer Action Code—Default 9F0D BC 50 8C 08 00

CVM List 8E 00000000 00000000 4201 1E03 4203 1F03 *chg*









Standard Profiles for MasterCard/Debit MasterCardProfile 23: MasterCard/Debit MasterCard with SDA and offline PIN—Mag Stripe Grade Issuer where issuer

can interpret TVR/CVR



CDOL 2 8D 91 0A 8A 02 95 05 9F 37 04 9F 4C 08



9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 23: MasterCard/Debit MasterCard with SDA andoffline PIN—Mag Stripe Grade Issuer where issuer caninterpret TVR/CVR

This Standard Profile is for the issuer of MasterCard cards supporting SDA andoffline PIN in a Mag Stripe grade host processing environment. However, theissuer can interpret the TVR and CVR received in authorization messages andtake action accordingly.

The card supports offline PIN (plain text) which is preferred to online PIN,which is preferred to signature at the POS. The card will always use onlinePIN at ATMs. No CVM is also supported. If offline PIN fails or if PIN entryis bypassed or not possible, the card will try to go online and decline thetransaction if this is not possible.

This profile differs from profile 24 as the issuer can interpret the TVR and CVRso does not need to decline certain conditions offline. *chg*


NOTE



Standard Profiles for MasterCard/Debit MasterCardProfile 23: MasterCard/Debit MasterCard with SDA and offline PIN—Mag Stripe Grade Issuer where issuercan interpret TVR/CVR


The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Offline plain text PIN, if the terminal is able to perform it• Online PIN for other cases (such as any terminal that does not support

offline PIN such as certain Cardholder Activated Terminals)• Signature*, if the terminal is able to perform it *chg*


•* If this CVM is not successful, then CVM processing has failed.


The card is valid for any domestic and international usage, including Goods,Services, or Cash. Cash Back is normally supported for MasterCard. *chg*





































Data Element List




































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online






































CVM List 8E 00000000 00000000 4201 4103 4203 1E03 *chg*1F03






M/Chip Lite: 23

M/Chip Select: 2B






cannot interpret TVR/CVR (1)






9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 24: MasterCard/Debit MasterCard with SDA andoffline PIN—Mag Stripe Grade Issuer where issuer cannotinterpret TVR/CVR (1)

This Standard Profile is for the issuer of MasterCard cards supporting SDA andoffline PIN in a Mag Stripe grade host processing environment. The issuercannot interpret the TVR and CVR received in authorization messages and sowill decline offline transactions where offline PIN errors occur.

The card supports offline PIN (plain text) which is preferred to online PIN,which is preferred to signature at the POS. The card will always use onlinePIN at ATMs. No CVM is also supported. If offline PIN fails or if PIN entry isbypassed or not possible, the transaction will be declined.

This profile differs from profile 23 as the issuer cannot interpret the TVR andCVR so declines certain conditions offline. *chg*


NOTE



The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)


Standard Profiles for MasterCard/Debit MasterCardProfile 24: MasterCard/Debit MasterCard with SDA and offline PIN—Mag Stripe Grade Issuer where issuercannot interpret TVR/CVR (1)

• Offline plain text PIN, if the terminal is able to perform it• Online PIN for other cases (such as any terminal that does not support

offline PIN and certain Cardholder Activated Terminals)• Signature*, if the terminal is able to perform it *chg*
























• If the PIN is bypassed, then the transaction is rejected offline.• If the PIN pad is not working then no action is taken on this issue. *chg*













Data Element List







































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online













Log Entry (in the FCI) 9F4D Byte 1: Lower bits contain the SFI ofthe cyclic transaction log file (11) Byte2: Maximum number of records in theTransaction Log file

























CVM List 8E 00000000 00000000 4201 4103 4203 1E03 *chg*1F03






M/Chip Lite: 23

M/Chip Select: 2B












9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00



This Standard Profile is for the issuer of MasterCard cards supporting SDA andoffline PIN in a Mag Stripe grade host processing environment. The issuercannot interpret the TVR and CVR received in authorization messages and sowill decline offline transactions where offline PIN errors occur.

The card supports offline PIN (plain text) which is preferred to signature, whichis preferred to online PIN at the POS. The card will always use online PIN atATMs. No CVM is also supported. If offline PIN fails or if PIN entry is bypassedor not possible, the transaction will be declined.

This profile differs from profile 24 as signature is preferred to online PIN. *chg*


NOTE





The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Offline plain text PIN, if the terminal is able to perform it• Signature*, if the terminal is able to perform it *chg*

























• If the PIN is bypassed, then the transaction is rejected offline.
















Data Element List
































DAC: Determined by issuer/personal-ization system




5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online



9F4A: Static Data Authentication TagList







Application Preferred Name 9F12 Presence and value determined byissuer




























CVM List 8E 00000000 00000000 4201 4103 1E03 *chg*4203 1F03






M/Chip Lite: 23

M/Chip Select: 2B






CDOL 1 8C M/Chip Lite: 9F 02 06 9F 03 06 9F 1A02 95 05 5F 2A 02 9A 03 9C 01 9F 37 049F 35 01 9F 45 02 9F 34 03



M/Chip Select: 91 0A 8A 02 95 05 9F37 04 9F 4C 08



9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00



This Standard Profile is for the issuer of MasterCard cards supporting SDA andoffline PIN in a Mag Stripe grade host processing environment. The issuercannot interpret the TVR and CVR received in authorization messages but willallow online authorization of transactions where offline PIN errors occur.

The card supports offline PIN (plain text) which is preferred to online PIN,which is preferred to signature at the POS. The card will always use online PINat ATMs. No CVM is also supported. In the event of PIN or CVM issues the cardinitiates an online authorization or declines the transaction as described below.

This profile differs from profile 24 as the issuer wants to allow CVM fallbackand only decline transactions where CVM processing fails *chg*




NOTE



The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Offline plain text PIN, if the terminal is able to perform it• Online PIN for other cases (such as any terminal that does not support

offline PIN and certain Cardholder Activated Terminals)• Signature*, if the terminal is able to perform it *chg*














online. If it is not possible to go online, then the transaction is rejected.










• If the PIN is bypassed, then no action is taken on this issue. *chg*
















Data Element List




































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online






































CVM List 8E 00000000 00000000 4201 4103 4203 1E03 *chg*1F03


Card Issuer Action Code—Online C5 0E FB 00




M/Chip Lite: 23

M/Chip Select: 2B












9F55 F0

Issuer Proprietary Bitmap (If cardsupports MasterCard AuthenticationSolutions for Chip)

9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00



This Standard Profile is for the issuer of MasterCard cards supporting SDA andoffline PIN in a Mag Stripe grade host processing environment. The issuercannot interpret the TVR and CVR received in authorization messages but willallow online authorization of transactions where offline PIN errors occur.

The card supports offline PIN (plain text) which is preferred to online PIN,which is preferred to signature at the POS. The card will always use online PINat ATMs. No CVM is also supported. In the event of PIN or CVM issues the cardinitiates an online authorization or declines the transaction as described below.

This profile differs from profile 26 as signature is preferred to online PIN. *chg*


NOTE



The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Offline plain text PIN, if the terminal is able to perform it




























• If the PIN is bypassed, then no action is taken on this issue. *chg*














Data Element List







































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online






































CVM List 8E 00000000 00000000 4201 4103 1E03 4203 *chg*1F03


Card Issuer Action Code—Online C5 0E FB 00




M/Chip Select: 2B





Standard Profiles for MasterCard/Debit MasterCardProfile 28: MasterCard/Debit MasterCard with SDA and signature—Mag Stripe Grade Issuer where issuer







9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 28: MasterCard/Debit MasterCard with SDA andsignature—Mag Stripe Grade Issuer where issuer cannotinterpret TVR/CVR (1)

This Standard Profile is for the issuer of MasterCard cards supporting SDA andno offline PIN in a Mag Stripe grade host processing environment. The issuercannot interpret the TVR and CVR received in authorization messages.

The card does not support offline PIN. online PIN is preferred to signatureat the POS. The card will always use online PIN at ATMs. No CVM is alsosupported. If PIN entry is bypassed or CVM processing is unsuccessful, the cardinitiates an online authorization or declines the transaction if this is not possible.

This profile differs from Profile 29 in that online PIN is preferred to signature atthe POS. This profile differs from Profile 30 in that certain transaction errors aredeclined offline. *chg*


NOTE



The Cardholder Verification Method list is:• Online PIN, if the terminal is able to perform it


Standard Profiles for MasterCard/Debit MasterCardProfile 28: MasterCard/Debit MasterCard with SDA and signature—Mag Stripe Grade Issuer where issuercannot interpret TVR/CVR (1)



•* If this CVM is not successful, then CVM processing has failed.


















• If the cardholder verification fails, then the transaction is rejected.• If the PIN is bypassed, then the transaction is rejected.• If the PIN pad is not working then no action is taken on this issue. *chg*














Cards supporting this profile may optionally support MAS4C (AA4C) by addingthe optional data elements (both IAF and IPB). The CAP Token Validationrequires ATC management and AC validation by the issuer using either a hostedCTVS or delegating the CAP Token validation to a third party, for example,MasterCard On Behalf Service.



Data Element List




































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online






































CVM List 8E 00000000 00000000 4203 1E03 1F03 *chg*






M/Chip Lite: 23

M/Chip Select: 2B












9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 29: MasterCard/Debit MasterCard with SDA andsignature—Mag Stripe Grade Issuer where issuer cannotinterpret TVR/CVR (2)

This Standard Profile is for the issuer of MasterCard cards supporting SDA andno offline PIN in a Mag Stripe grade host processing environment. The issuercannot interpret the TVR and CVR received in authorization messages. *chg*

The card does not support offline PIN. Signature is preferred to online PINat the POS. The card will always use online PIN at ATMs. No CVM is alsosupported. If PIN entry is bypassed or CVM processing is unsuccessful, thecard declines the transaction offline.



NOTE






• Online PIN, if the terminal is able to perform it• No CVM* (no verification of the cardholder), for certain Cardholder



















• If the cardholder verification fails, then the transaction is rejected.• If the PIN is bypassed, then the transaction is rejected.• If the PIN pad is not working then no action is taken on this issue. *chg*














Cards supporting this profile may optionally support MAS4C (AA4C) by addingthe optional data elements (both IAF and IPB). The CAP Token Validationrequires ATC management and AC validation by the issuer using either a hostedCTVS or delegating the CAP Token validation to a third party, for example:MasterCard On Behalf Service.

Data Element List







































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online






































CVM List 8E 00000000 00000000 4201 1E03 4203 1F03 *chg*






M/Chip Lite: 23

M/Chip Select: 2B





Standard Profiles for MasterCard/Debit MasterCardProfile 30: MasterCard/Debit MasterCard with SDA and signature—Mag Stripe Grade Issuer (3)






9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 30: MasterCard/Debit MasterCard with SDA andsignature—Mag Stripe Grade Issuer (3)

This Standard Profile is for the issuer of MasterCard cards supporting SDA andno offline PIN in a Mag Stripe grade host processing environment.

The card does not support offline PIN. Signature is preferred to online PINat the POS. The card will always use online PIN at ATMs. No CVM is alsosupported. If PIN entry is bypassed or CVM processing is unsuccessful, thecard declines the transaction offline.

This profile differs from Profile 29 in that certain transactions errors areauthorized online. *chg*


NOTE






• Online PIN, if the terminal is able to perform it










































Data Element List




































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online


































Application Transaction CounterLimit






CVM List 8E 00000000 00000000 4201 1E03 4203 1F03 *chg*







M/Chip Select: 2B











9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 31: MasterCard/Debit MasterCard with SDA andsignature—Mag Stripe Grade Issuer (4)

This Standard Profile is for the issuer of MasterCard cards supporting SDA andno offline PIN in a Mag Stripe grade host processing environment. It includes aspecial setting to require online PIN domestically. *chg*

The card does not support offline PIN. Signature is preferred to online PIN atthe POS internationally. The card will always use online PIN at ATMs. No CVMis also supported. If PIN entry is bypassed or CVM processing is unsuccessful,the card initiates an online authorization or declines the transaction if this isnot possible.

This profile differs from Profile 30 in that domestic transactions require onlinePIN. *chg*

The profile is online preferring for international transactions and online onlydomestically. Upper Limit parameters are used in risk management to decidewhether to accept the transaction offline if online authorization is not completed.The Upper Limits may not normally be set to zero on a MasterCard product.

NOTE





The Cardholder Verification Method list is:• Online PIN, if transaction is Unattended Cash (ATM transactions)• Online PIN, if above amount “x”• Signature*, if the terminal is able to perform it *chg*

• Online PIN, if the terminal is able to perform it• No CVM* (no verification of the cardholder), for certain Cardholder































• If the transaction is international, the card will request that the transactiongo online. If it is not possible to go online, then the transaction is acceptedoffline.

• If the transaction is domestic, the card will request that the transaction goonline. If it is not possible to go online, then the transaction is rejected.








Data Element List




































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online




9F42: Application Currency Code *chg*










Log Entry (in the FCI) 9F4D Byte 1: Lower bits contain the SFI ofthe cyclic transaction log file (11) Byte2: Maximum number of records in theTransaction Log file

























CVM List 8E 00000001 00000000 4201 4207 5E03 4203 *chg*1F03






M/Chip Select: 2B











9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00






Lower and Upper Limit parameters are used in risk management to decidewhether to accept the transaction offline or to request an online authorization.The Upper Limits may not normally be set to zero on a MasterCard product.Internationally, the card is online preferring. The card may be configured asonline preferring domestically also.

NOTE





The Cardholder Verification Method list is:• Online PIN—if transaction is Unattended Cash (ATM transactions)• Signature*—if the terminal is able to perform it *chg*

• Online PIN—for other cases such as certain Cardholder Activated Terminals• No CVM* (no verification of the cardholder)—for certain Cardholder







































Data Element List



































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online






































CVM List 8E 00000000 00000000 4201 1E03 4203 1F03 *chg*







M/Chip Lite: 23

M/Chip Select: 2B



Standard Profiles for MasterCard/Debit MasterCardProfile 33: MasterCard/Debit MasterCard online only with no offline CAM – offline PIN








9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 33: MasterCard/Debit MasterCard online only withno offline CAM – offline PIN

This Standard Profile is for the issuer of online only MasterCard cards with nooffline CAM. The card supports offline PIN. This Profile may only be usedwith MasterCard programs that allow exclusively on-line personalization. Referto the M/Chip Requirements manual.

The card supports offline PIN (plain text) which is preferred to signature,which is preferred to on-line PIN at the POS. The card always will always useonline PIN at ATMs. No CVM is also supported. If offline PIN fails or if PINEntry is bypassed or not possible, the card will try to go online and declinethe transaction if this is not possible.


This profile will normally be implemented on M/Chip 4 Lite. The profile maybe implemented on M/Chip 4 Select.


The Cardholder Verification Method List is:


• Offline plain text PIN, if the terminal is able to process it



• Signature*, if the terminal is able to process it• Online PIN for other cases, such as any Terminal that does not support

Offline PIN or signature and certain Cardholder Activated Terminals• No CVM* (no verification of the Cardholder), for certain Cardholder

Activated Terminals*If this CVM is not successful, then CVM processing has failed.


The card is valid for any Domestic and International usage (Good, Services,Cash). Cash Back is not normally supported.

For Debit MasterCard, domestic and international Cash Back must be supported.



Functions that the card request to be done are:• Terminal Risk Management• Cardholder Verification



The card is configured as online only so will never approval an offlinetransaction.

The settings for risk management are:• If the transaction is an International Transaction: then the transaction must

go online. If it is not possible to go online then the transaction is rejected.• If the transaction is a Domestic Transaction: then the transaction must go

online. If it is not possible to go online then the transaction is rejected.



Data Element List



























8F N/A








MasterCard or MASTERCARD orApplication Label 50







FF00 for MasterCard, orApplication Usage Control 9F07







CA 00000000000


CB 00000000000


Currency Conversion Table D1 Determined by issuer (in case that oneor several entries are not used, pleaseset these entry(ies) with CRM CurrencyCode)













CVM List 8E 00000000 00000000 4201 4103 1E03 42031F03


Standard Profiles for MasterCard/Debit MasterCardProfile 34: MasterCard/Debit MasterCard online only with no offline CAM and no offline PIN



Card Issuer Action Code – Online C5 1F FB 00

Card Issuer Action Code – Default C4 1F 50 00


M/Chip Lite: 23

CDOL 1 Related Data Length C7 M/Chip Select: 2B



CDOL 1 8C






9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Profile 34: MasterCard/Debit MasterCard online only withno offline CAM and no offline PIN

This Standard Profile is for the issuer of online only MasterCard cards with nooffline CAM and no offline PIN. This Profile may only be used with MasterCardprograms that allow exclusively on-line personalization (see the M/ChipRequirements).

The card does not support offline PIN. Signature is preferred to on-line PINat the POS. The card always will use online PIN at ATMs. No CVM is alsosupported. If PIN Entry is bypassed, the card will try to go online and declinethe transaction if this is not possible.




This profile will normally be implemented on M/Chip 4 Lite. The profile maybe implemented on M/Chip 4 Select.


The Cardholder Verification Method List is:


• Signature*, if the terminal is able to perform it

• Online PIN for other cases, such as any Terminal that does not supportOffline PIN or signature and certain Cardholder Activated Terminals

• No CVM* (no verification of the Cardholder), for certain CardholderActivated Terminals

* If this CVM is not successful then CVM processing has failed.


The card is valid for any Domestic and International usage (Good, Services,Cash). Cash Back is not normally supported.

For Debit MasterCard, domestic and international Cash Back must be supported.



Functions that the card request to be done are:







• If the transaction is an International Transaction: then the transaction mustgo online. If it is not possible to go online then the transaction is rejected.

• If the transaction is a Domestic Transaction: then the transaction must goonline. If it is not possible to go online then the transaction is rejected.





Data Element List
























8F N/A











MasterCard or MASTERCARD orApplication Label 50




FF00 for MasterCard, orApplication Usage Control 9F07







CA 00000000000


CB 00000000000


Currency Conversion Table D1 Determined by issuer (in case that oneor several entries are not used, pleaseset these entry(ies) with CRM CurrencyCode)
















CVM List 8E 00000000 00000000 4201 1E03 4203 1F03


Card Issuer Action Code – Online C5 06 FB 00

Card Issuer Action Code – Default C4 06 50 00


M/Chip Lite: 23

CDOL 1 Related Data Length C7 M/Chip Select: 2B



CDOL 1 8C






9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00



Chapter 7 Standard Profiles for MasterCard ElectronicThis chapter details the Standard Profiles that are available to an issuer for use with the MasterCardElectronic product.

Profile 51: MasterCard Electronic with no offline CAM and offline PIN—Full Chip Issuer............ 7-1







Profile 52: MasterCard Electronic with no offline CAM and signature—Full Chip Issuer .............. 7-5







Profile 53: MasterCard Electronic with DDA and offline PIN—Full Chip Issuer............................ 7-9








Standard Profiles for MasterCard ElectronicProfile 51: MasterCard Electronic with no offline CAM and offline PIN—Full Chip Issuer

Profile 51: MasterCard Electronic with no offline CAM andoffline PIN—Full Chip Issuer

This Standard Profile is for the issuer of MasterCard Electronic cards supportingoffline PIN in a Full Chip grade host processing environment or the issueruses one of the appropriate MasterCard on-behalf services. The cards willonly approve transactions if they are authorized online. The card does notsupport offline CAM.

The card supports offline PIN (plain text) which is preferred to online PIN,which is preferred to signature at the POS. The card will always use onlinePIN at ATMs. No CVM is not supported. If offline PIN fails or if PIN entry isbypassed or not possible, the card will try to go online.

NOTE










The card is valid for any domestic and international usage, including Goods,Services, or Cash. Cash Back is not supported.













• If the transaction is an domestic transaction, then the transaction must goonline. If it is not possible to go online, then the transaction is rejected.


Cards supporting this profile may optionally support MAS4C (CAP and AA4C)by adding the optional data elements (IAF and IPB).

Data Element List


























8F N/A









Application Label 50 MC Electronic or MC ELECTRONIC *chg*



Application Usage Control 9F07 FF00



Lower Consecutive Offline Limit 9F14 00 *chg*

Upper Consecutive Offline Limit 9F23 00 *chg*


CA 000000000000 *chg*


CB 000000000000 *chg*


















CVM List 8E 00000000 00000000 4201 4103 4203 1E03






M/Chip Lite: 23

M/Chip Select: 2B








9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Standard Profiles for MasterCard ElectronicProfile 52: MasterCard Electronic with no offline CAM and signature—Full Chip Issuer


Profile 52: MasterCard Electronic with no offline CAM andsignature—Full Chip Issuer

This Standard Profile is for the issuer of MasterCard Electronic cards notsupporting offline PIN in a Full Chip grade host processing environment or theissuer uses one of the appropriate MasterCard On-behalf Services. The cardswill only approve transactions if they are authorized online. The card does notsupport offline CAM.

The card supports online PIN, which is preferred to signature at the POS. Thecard will always use online PIN at ATMs. Neither offline PIN nor No CVMare supported. If PIN entry is bypassed or not possible, the card will try togo online.

NOTE



The Cardholder Verification Method list is:• Online PIN, if the terminal is able to perform it• Signature*, if the terminal is able to perform it






Functions that the card requests:• Terminal Risk Management• Cardholder Verification











Data Element List


























8F N/A


















CA 000000000000 *chg*


CB 000000000000 *chg*


















CVM List 8E 00000000 00000000 4203 1E03






M/Chip Select: 2B








9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00


Standard Profiles for MasterCard ElectronicProfile 53: MasterCard Electronic with DDA and offline PIN—Full Chip Issuer


Profile 53: MasterCard Electronic with DDA and offlinePIN—Full Chip Issuer

This Standard Profile is for the issuer of MasterCard Electronic cards supportingoffline PIN in a Full Chip grade host processing environment or the issuer usesone of the appropriate MasterCard on-behalf services. The cards will onlyapprove transactions if they are authorized online. The card supports DDA.

The card supports offline PIN (enciphered and plain text) which is preferred toonline PIN, which is preferred to signature at the POS. The card will alwaysuse online PIN at ATMs. No CVM is not supported. If offline PIN fails or if PINentry is bypassed or not possible, the card will try to go online.

NOTE





• Offline enciphered or plain text PIN, if the terminal is able to perform it









• DDA












Cards supporting this profile may optionally support MAS4C (CAP and AA4C)by adding the optional data elements (IAF and IPB).

Data Element List




































5A: Application PAN


8E: CVM List

9F0D: IAC—Default

9F0E: IAC—Denial

9F0F: IAC—Online



8C: CDOL1


8D: CDOL2






DDOL 9F49 9F3704













CA 000000000000 *chg*


CB 000000000000 *chg*


















CVM List 8E 00000000 00000000 4201 4403 4103 42031E03








CDOL 2 8D 91 0A 8A 02 95 05 9F 37 04 9F 4C 08



9F55 F0


9F56 01 80 00 7F FF FF F0 00 00 00 00 00 0000 00 00 30 00 FF 00 00 00



Chapter 8 Standard Profiles for CirrusThis chapter details the Standard Profile that is available to an issuer for use with the Cirrus products.

Profile 81: Cirrus............................................................................................................................ 8-1








Standard Profiles for CirrusProfile 81: Cirrus

Profile 81: Cirrus *chg*

This Standard Profile is for the issuer of Cirrus cards in either a Full Chip gradeor Mag Stripe grade host processing environment.

The card will always use online PIN at ATMs. If PIN Entry is bypassed orunsuccessful the card will decline the transaction offline.


This profile may be implemented on M/Chip 4 Lite or on M/Chip 4 Select.


The Cardholder Verification Method list is Online PIN always. If this CVM is notsucessful, then CVM processing has failed.


The card is valid for Domestic and International cash usage.

The card can be used at ATMs or other terminals for cash.


Functions that the card request to be done are:







• If the transaction is an International Transaction, then the transaction mustgo online. If it is not possible to go online then the transaction is rejected.

• If the transaction is an Domestic Transaction, then the transaction must goonline. If it is not possible to go online then the transaction is rejected.


Cards supporting this profile may not optionally support MAS4C (CAP andAA4C) by adding the optional data elements (both IAF and IPB).



Data Element List

Table 8.1—Data Element List























8F N/A












Application Label 50 Cirrus or CIRRUS



Application Usage Control 9F07 C300






CA 00000000000


CB 00000000000


Currency Conversion Table D1 Determined by issuer (in case that oneor several entries are not used, set theseentry(ies) with CRM Currency Code)














Issuer Action Code—Online 9F0F B0 70 04 98 00


CVM List 8E 00000000 00000000 0200


Card Issuer Action Code – Online C5 06 FB 00

Card Issuer Action Code – Default C4 46 50 00


M/Chip Lite: 23CDOL 1 Related Data Length C7

M/Chip Select: 2B


M/Chip Lite: 9F 02 06 9F 03 06 9F 1A 0295 05 5F 2A 02 9A 03 9C 01 9F 37 04 9F 3501 9F 45 02 9F 34 03

CDOL 1 8C

M/Chip Select: 9F 02 06 9F 03 06 9F 1A 0295 05 5F 2A 02 9A 03 9C 01 9F 37 04 9F 3501 9F 45 02 9F 4C 08 9F 34 03




See also the card counter and limits data elements shown in AppendixA—Supplementary Data Elements per Card Version


Appendix A Supplementary Data Elements Per CardVersion

This appendix describes the supplementary data that you need to personalize in M/Chip 4 cards.Some data is specific to the version of the M/Chip specification that you are using.

Counter Limits and Previous Transaction.......................................................................................A-1

Counters and Data Elements with a Fixed Initial Value .................................................................A-1

©2010 MasterCardM/Chip Card Personalization Standard Profiles • 1 April 2011 A-i

Supplementary Data Elements Per Card Version

Counter Limits and Previous Transaction

Counter Limits and Previous TransactionData Element Name Tag Recommended Values

Application Transaction Counter Limit 4E 20

Previous Transaction History 00 or 08

Bad Cryptogram Counter Limit 04 00

MAC in Script Counter Limit 0F (See note A below)

Global MAC in Script Counter Limit 00 4E 20 (See note A below)

AC Session Key Counter Limit 04 00 (See note B and C below)

SMI Session Key Counter Limit 04 00 (See note B below)

CFDC limit for Integrity Session Key 02 00 (See note A below)

CFDC limit for Confidentiality Session Key 02 00 (See note A below)

CFDC limit for AC Session Key 02 00 (See note A below)

NOTE

A) M/Chip 4 Version 1.1a only

NOTE

B) M/Chip 4 Version 1.1b only

NOTE

C) If a magnetic stripe grade profile is used for the contact interface or the card is being used forMasterCard Authentication Solutions for Chip, then the AC Session Key Counter Limit must be set tothe same value as the Application Transaction Counter Limit ('4E20').

Counters and Data Elements with a Fixed Initial ValueData Element Name Tag Recommended Values

Cumulative Offline Transaction Amount 00 00 00 00 00 00

Consecutive Offline Transactions Number 00

Script Counter '9F5F' 00

Log of The Current Transaction x (x=1...10 or more) 00…00

Application Transaction Counter '9F36' 0000

Global MAC in Script Counter 000000 (See note A)

AC Session Key Counter 0000 (See note B)

©2010 MasterCardM/Chip Card Personalization Standard Profiles • 1 April 2011 A-1

Supplementary Data Elements Per Card Version

Counters and Data Elements with a Fixed Initial Value

Data Element Name Tag Recommended Values

SMI Session Key Counter 0000 (See note B)

Bad Cryptogram Counter 0000

Security Limits Status 'DF02' 00 (See note B)

NOTE

A) M/Chip 4 Version 1.1a only

NOTE

B) M/Chip 4 Version 1.1b only

©2010 MasterCardA-2 1 April 2011 • M/Chip Card Personalization Standard Profiles

Documents

PSP Manual