When the Terminal sends Generate AC-1 or Generate AC-2 Command to the smart card, the card can either approve the cryptogram type requested by the terminal or can decline the transaction by responding with AAC(00) in the response to Generate AC. My question is, can anyone give me some real-time scenarios or examples on what basis the Card declines the transaction by responding with AAC(00) requested by the Terminal?
On what basis does a Smart Card can decline a transaction which is requested by the Terminal (POS/ATM)?
262 views Asked by Arjun N At
2
There are 2 answers
0
On
There can be several reasons. A real time scenario is 'using a test card in a live environment' or visa versa. The 1st and 2nd AC's are used as a check between the card and the issuer. I just searched a long time for an issue, where the card constantly calculated an AAC instead of a TC. Finally I discovered that the PAN sequence number was sent in 2 bytes, where 1 was expected. And of course the issuer used the first byte, which was the wrong one. The PAN Sequence number is, together with some other fields, encrypted, which made it hard to find. So, if you have an issue, check all the fields used within the ARCQ calculations.
If the card requires an online authorization and the terminal is unable to go online, the card will decline the transaction.
The process is part of the general Card Risk Management step where, another example, a terminal could request a TC to complete the transaction offline but the card responds with an ARQC because it wants an online authorization.