EMV Transaction Flow Diagram

EMV transaction flow - The following is the high level overall emv transaction flow diagram without elaborating each of the steps.

An EMV transaction has the following steps:

  • Application selection;
  • Read Application Data
  • Off-line Data Authentication
  • Processing Restrictions
  • Cardholder Verification
  • Terminal Risk Management
  • Terminal Action Analysis
  • Go On-Line (Card)?
  • On-Line Processing
  • Completion
  • Script Processing

A detailed flow chart describing processes in an EMV transaction flow from application selection through to completion script processing.
EMV Transaction Flow Diagram

Application Selection

Application Selection is the first step command after the reset operation in the emv transaction flow. It has the function to select the first operation in the transaction process. Usually, micro-processor is embedded in a payment card; emv enabled terminals POS (contact or contactless).
  • Single application card:
    • no choice

  • Multi-applications:
    • terminal capabilities
    • scheme/brand rules
    • cardholder choice

  • Application priorities can reflect cardholder marketing proposition

EMV Selection

EMV Selection is continuing to evolve and is designed to enable implementation of stronger security over time.

EMV Terminal Selection. Select EMV terminals with the right capabilities and approvals to meet your customers needs. EMV is an option-based specification.

Examples of changes to EMV terminal selection will include different key lengths and different cryptographic algorithms in the future.

It can be expected that there will eventually be more frequent terminal application and EMV configuration updates or, at a minimum, the need to load new keys to the EMV terminals.
  • Which applications do you have?
  • I have M/chip EMV and Health
  • I only know M/chip therefore I select M/chip

Offline Data Authentication

Offline data authentication is a process whereby the debit or credit card is validated at the point of transaction using RSA public key technology to protect against counterfeit or skimming. Consider a large network:-

EMV payment scheme certification authority
  • Each bank cannot establish relationship with every other one.

  • Third party agent vouches for the trustworthiness of individuals:
    • Associate public key - issuer
    • Third party agent = Certification authority (Payment Scheme)

            Contactless Card Home | About Us | Affiliate Agreement | Anti-Spam Policy | Contact Us
            Privacy Policy | Dmca Notice | Terms of Use | Link to Us