CDET User Guide V2-2 RevA

Contactless Device Evaluation Toolkit
User Guide
Version 2.2 Revision A
31 August 2015
Important Information on Confidentiality and Copyright

2004 - 2015 Visa. All Rights Reserved.
Notice: This information is proprietary and CONFIDENTIAL to Visa. It is distributed to Visa participants
for use exclusively in managing their Visa programs. It must not be duplicated, published, distributed
or disclosed, in whole or in part, to merchants, cardholders or any other person without prior written
permission from Visa.
The trademarks, logos, trade names and service marks, whether registered or unregistered (collectively
the Trademarks) are Trademarks owned by Visa. All other trademarks not attributed to Visa are the
property of their respective owners.
Note:
This document is not part of the Visa Rules. In the event of any conflict between any
content in this document, any document referenced herein, any exhibit to this document, or any
communications concerning this document, and any content in the Visa Rules, the Visa Rules shall
govern and control.
Contents
Contactless Device Evaluation Toolkit - User Guide (Version 2.2 - Revision A)
Contents
Contactless Device Evaluation Toolkit (CDET) User Guide Introduction ........................................................ 5
Introduction ................................................................................................................................................................................ 5
Contact Information ................................................................................................................................................................. 6
CDET Support Documentation ............................................................................................................................................ 7
Document Revision Log ......................................................................................................................................................... 9
1
Contactless Device Evaluation Toolkit - User Guide Overview ............................................................... 10

1.1 Objective .......................................................................................................................................................................... 10
1.2 Audience .......................................................................................................................................................................... 10
1.3 Document Organization............................................................................................................................................. 10
1.4 CDET Components ....................................................................................................................................................... 12
1.5 Related Documents ..................................................................................................................................................... 12
1.6 CDET Usage .................................................................................................................................................................... 12
1.6.1
CDET Usage Guidelines....................................................................................................................................... 14
1.7 New CDET Versions ..................................................................................................................................................... 15

1.8 Scope of CDET Testing ............................................................................................................................................... 15
1.9 EMVCo Brand-aligned Terminal Integration Testing Framework Compliance ..................................... 16
2
Test Case Introduction ...................................................................................................................................... 18

2.1 Pre-requisites ................................................................................................................................................................. 18
2.1.1
Reader Capabilities ............................................................................................................................................... 18
2.1.2
Visa CA Test Public Keys ..................................................................................................................................... 18
2.1.3
Configured for Operational Use ...................................................................................................................... 18
2.1.4
Testing and Approval .......................................................................................................................................... 19
2.2 Instructions...................................................................................................................................................................... 19
2.2.1
Self-Administered Tool ....................................................................................................................................... 19
2.2.2
Initially Deployed Readers ................................................................................................................................. 19
2.2.3
Previously Deployed Readers ........................................................................................................................... 19
2.2.4
Changes to Reader ............................................................................................................................................... 19
2.2.5
Decline Responses vs. Other Errors ................................................................................................................ 19
31 August 2015
Visa Confidential
Contents

2.2.6
Test Cards and Test Cases ................................................................................................................................. 20
2.2.7
Online Testing ........................................................................................................................................................ 20
2.2.8
Compliance Reporting ........................................................................................................................................ 20
2.2.9
Additional Toolkits................................................................................................................................................ 22
2.3 Test Case Summary...................................................................................................................................................... 22

3
Test Case Details ................................................................................................................................................. 25

3.1 Test Case 1: VCPS 2.0.2 Baseline Card .................................................................................................................. 26
3.2 Test Case 2: VCPS 2.1.x Baseline Card................................................................................................................... 28
3.3 Test Case 3: Card with a 16-byte ADF Name and other Features .............................................................. 30
3.4 Test Case 4: Card with additional Data in the GPO Response and with no Cardholder Name ...... 32
3.5 Test Case 5: Card that returns additional Data in the Select PPSE Response and containing other
unique features. ....................................................................................................................................................................... 34
3.6 Test Case 6: qVSDC-only card with 19-digit PAN and CVN 18 ................................................................... 36
3.7 Test Case 7: Online-only card with an Electron AID ........................................................................................ 38
3.8 Test Case 8: Card with an Interlink AID ................................................................................................................ 40
3.9 Test Case 9: Card supporting MSD Legacy only ............................................................................................... 42
3.10 Test Case 10: VMPA Card containing 00 and FF Padding in the GPO and a Read Record
Response Respectively .......................................................................................................................................................... 44
3.11 Test Case 11: Card with an IAD length of 23-bytes and an Unrecognized CVN .................................. 46
3.12 Test Case 12: Card with a VMPA Applet that causes a Pre-tap................................................................... 48
3.13 Test Case 13: Card with a CTQ indicating an issuer preference to switch to contact interface on
ODA failure. ............................................................................................................................................................................... 50
3.14 Test Case 14: Card that Disallows International Transactions. .................................................................... 52
3.15 Test Case 15: Card with inconsistent (Application PAN) Data to force a Transaction Termination
54
Visa CA Test Public Key for qVSDC Offline .................................................................................................. 57

A.1 1408 Bit VSDC TEST Key ............................................................................................................................................. 57
ii
Acronyms and Glossary..................................................................................................................................... 59
Visa Confidential
31 August 2015
Tables
Tables
Table 1:
CDET Support Documentation ......................................................................................................... 7
Table 22:
Document Organization ................................................................................................................... 11
Table 23:
Scope of ADVT Testing..................................................................................................................... 15
Table 21:
Test Case Summary ........................................................................................................................... 22
Table A1:
1408 Bit VSDC Test Key .................................................................................................................... 57
Table B1:
Acronyms ............................................................................................................................................. 59
Table B2:
Glossary ................................................................................................................................................ 62
31 August 2015
Visa Confidential
iii
Tables
iv
Visa Confidential
31 August 2015
Contactless Device Evaluation Toolkit - User Guide Overview
Contactless Device Evaluation Toolkit (CDET) User Guide

Introduction
This chapter provides the following information:
Introduction to the Contactless Device Evaluation Toolkit (CDET) User Guide
Contact Information
CDET Support Documentation
Disclaimer
Introduction
The Visa Contactless Payment Specification (VCPS) was developed as a platform to support globally
interoperable contactless chip programs. It facilitates the creation of payment technologies that provide
Visa payWave issuing clients with the flexibility to customize their contactless chip programs to meet
local market needs while gaining the benefits of global interoperability. The specification also provides
additional security options and enables enhanced performance for faster transaction processing.
To ensure that Visa payWave acceptance devices deployed by acquiring clients do not contribute to
interoperability issues, Visa has developed the Visa Contactless Device Evaluation Toolkit (CDET) - a set
of test cards, an accompanying user guide (this document) and a card profile definitions document.
CDET is designed to allow Visa payWave acquiring clients and their technical support providers to
validate correct configuration of their Visa payWave acceptance devices. The Toolkit may also be used
to assist Visa payWave reader developers and systems integrators with development and integration
testing and to ensure that Visa requirements for card acceptance devices are being met.
Oftentimes, cards issued in one country or region may experience acceptance problems when used in
other countries and regions, even though both the card and reader were fully tested and approved by
the payment schemes accredited testing laboratory. These issues may be the result of incorrect device
configuration, inadequate integration testing or misunderstandings about payment schemes rules and
requirements.
In addition to ensuring Visa payWave card acceptance globally, the CDET also enables user interface
testing of payment terminals. This step is necessary to confirm that correct user prompts, error
messages, application selection menus and PIN Entry messaging are being appropriately applied and
readily comprehensible to the cardholder and merchant.
31 August 2015
Visa Confidential

Objective
Contact Information
For more information on the CDET, contact your Visa representative using the following email
addresses according to your geographical location:
Visa Inc.:
-
For copies of the CDET, contact: STCVisaFulfillment@merrillcorp.com
For general information, contact: chiptoolkits@visa.com
Visa Inc. consists of the following regions:
Asia Pacific (AP)
Canada
Central Europe Middle East and Africa (CEMEA)
Latin America
United States (U.S.)
Visa Europe:
-
Since Visa Europe offers the Visa payWave Test Tool (VpTT) as an alternative to CDET, users in
Europe should contact: ADVTK_EU@visa.com
Visa Europe consists of the following countries and territories:

Andorra, Austria, Bear Island, Belgium, Bulgaria, Channel Islands, Croatia, Cyprus, Czech Republic,
Denmark, Estonia, Faeroe Island, Finland, France (including its DOM-TOMs), Germany, Gibraltar,
Greece, Greenland, Hungary, Iceland, Ireland, Isle of Man, Israel, Italy, Latvia, Liechtenstein, Lithuania,
Luxembourg, Malta, Monaco, the Netherlands, Norway, Poland, Portugal, Romania, San Marino,
Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey, Vatican City, and the United Kingdom.
Visa Confidential
31 August 2015

CDET support documentation now consists of two documents: a Card Profiles document and a User
Guide (this document).
Table 1:
Document Name
Visa Contactless Device
Evaluation Toolkit (CDET) User
Guide (This Document)
Visa Contactless Device

Evaluation Toolkit (CDET) Card
Profiles
31 August 2015
Description
This document provides:
An overview of the CDET

including a description of the
components and usage
criteria
Test cases
Appendices providing details

of the Visa CA test key,
Acronyms and a Glossary.
This document provides the

details required to personalize
each of the CDET test cards.
Visa Confidential
Audience
This document is primarily
intended for users of the CDET,
including acquirers, processors,
merchants, and third party
service providers on behalf of
acquirers.
This document is intended for

personalization bureaus and chip
tool vendors responsible for
developing CDET test cards or
simulated/scripted equivalents.

Objective
Disclaimer
The Visa Contactless Device Evaluation Toolkit provides a means for a Visa payWave acquiring client (or
agent) implementing a contactless chip program to test its card acceptance device prior to deployment.
The Visa Contactless Device Evaluation Toolkit described herein includes test cards, a user guide and
card profiles document, specifically for use with Visa payWave contactless readers that are compliant to
the Visa Contactless Payment Specifications (VCPS). The Toolkit is designed to assist Visa payWave
acquiring clients and their merchants perform tests that help to minimize card acceptance problems.
Systems Integrators and Visa payWave acceptance device vendors can also benefit from the use of the
Toolkit, as it provides a tool to assist them during development or integration of VCPS-compliant
readers.
The tests prescribed in the user guide do not supersede the requirement for readers to undergo type
approval testing at a Visa accredited laboratory. Visa reserves the right to add or remove tests and test
requirements in the Toolkit at any time and in its sole discretion.
Visa does not warrant the Toolkit or any Toolkit test results for any purpose whatsoever, and expressly
disclaims any and all warranties of merchantability, fitness for purposes, or non-infringement of third
party intellectual property rights. No vendor or other third party may refer to a product, service or
facility as Visa-approved, nor otherwise state or imply that Visa has, in whole or part, approved any
aspect of a vendor or its products, services or facilities, except to the extent and subject to the terms
and restrictions expressly set forth in a written agreement with Visa or in an approval letter provided by
Visa. All other references to Visa approval are strictly prohibited by Visa.
All references to Visa operating regulations in this document are deemed to be references to both Visa
International Operating Regulations and/or Visa Europe Operating Regulations, as appropriate.
Visa Confidential
31 August 2015
Document Revision Log

This section provides an overview of the changes made to this document since its last publication.
Version
V2.2
Date
August 01, 2015
Changes / Updates
V2.2 Revision A
August 31 , 2015
31 August 2015
Support of card changes defined in the CDET Version

2.2 Card Profiles document (dated August 1st, 2015)
Updates to Section 3 (Test Case Details) to comply with
the EMVCo Terminal Integration Task Force Framework
guidelines on Test Plan formatting.
All Test Cases: Clarifications on the Test Evidence to be
Submitted
All Test Cases: Removed Online Applicable from the
Regional Requirements section.
Test Cases 7, 8, 9 & 13: Clarified the meaning of
Conditional in the Regional Requirements section.
Test Case #9: in the Pre-requisite section, corrected that
an MSD dCVV transaction should be performed on a
device supporting both qVSDC and MSD 2.x
Test Case #11: In the Pass Criteria section, corrected that
transaction should be declined online for both Onlineonly and Offline-capable devices
Test Case #12: Clarified that test case is applicable to
Online-only and Offline-capable devices
Test Case #12: Clarified the expected Display Message in
Pass Criteria section.
Test Case #13: clarified that test not applicable to Onlineonly devices not supporting ODA.
Test Case #13: Clarified in Pre-requisite section that for
MSD only devices test case would not be executed, since
these devices do not support ODA.
Section 2.2.7.1: Clarification to Online Applicable tests
requirements.
Visa Confidential

Objective
Contactless Device Evaluation Toolkit - User Guide

Overview
This section provides an overview of the Contactless Device Evaluation Toolkit (CDET) User Guide (this
document).
1.1
Objective
The objective of this document and its corresponding test cards is to provide Visa payWave acquiring
clients, merchants, system integrators and vendors with a Toolkit to confirm that their reader can
accept Visa payWave cards during the reader development, deployment and update stages of the
program.
1.2
Audience
The audience for this Toolkit consists primarily of:
Visa payWave acquiring clients - deploying readers in support of Visa payWave acceptance
programs.
Visa payWave merchants working with Visa payWave acquiring clients to deploying readers in
support of Visa payWave card acceptance.
System Integrators - working on behalf of acquiring clients or merchants in the deployment of

readers in support of Visa payWave acceptance programs.
Note: In some areas, integrators are also referred to as Value-added Resellers (VARs).
Visa payWave reader vendors - developing VCPS-compliant reader in support of Visa payWave
acceptance programs.
This document should not be shared with or distributed to any other parties.
1.3
Document Organization
This document contains the following chapters:
10
Visa Confidential
31 August 2015

Table 11:
Document Organization
Chapter
Description
CDET User Guide Introduction
This chapter provides background information on this CDET User

Guide. It also includes:
Introduction to the Contactless Device Evaluation Toolkit (CDET)
User Guide
Contact Information
Disclaimer
CDET User Guide Overview
This chapter provides the following information:

Details on the objectives of the document
The audience to which the document applies
A description of how the document is organized
A description of the CDET components
List of Related Documents
CDET usage criteria
Policy with respect to the introduction of new versions
Scope of CDET testing
Comments on future enhancements
Relevance to the EMVCo Terminal Integration Taskforce
Framework
Test Case Introduction
Test Case Details
Visa CA Test Public Key for qVSDC

Offline
31 August 2015
This chapter provides an introduction to the CDET test cases. It

includes pre-requisite information for testing, including instructions
for each test case and a summary of all test cases included in this
version of the toolkit.
This chapter outlines each CDET test case, providing details on:
Test Case Number
Test Case Name
Objective
Regional Requirement
Business Justification
Pre-requisite
Applicable Terminal Device Type
Applicable Terminal Interface
Test Card used
Test Evidence to be submitted
Document Reference
Pass Criteria/User Validation
Provides the value of the currently active 1408-bits Visa CA Test

Public Key, used for Offline Data Authentication.
Visa Confidential
11

CDET Components
Chapter
Description
Acronyms and Glossary
Provide a list of commonly used Acronyms and a Glossary of

commonly used terms.
1.4
CDET Components
The CDET consists of:
Test Cards or Test Card SimulatorsCards or simulators personalized with specific settings that
are intended to identify incorrectly coded or configured chip card acceptance devices.
DocumentationTwo documents:
1.5
CDET Card Profiles Definitions (Separate Document)A document that outlines the card
personalization requirements for each test card that can be used by card personalization
bureaus and card simulator vendors to personalize the physical test cards or to develop
simulated test card scripts.
CDET Users Guide (This Document)A document that outlines each test case, a description
of the test card to be used with each test case, and the expected test results. This document is
used by the acquirer or acquirers agent to perform testing.
Related Documents
This section lists documents that may be read and/or referred to in conjunction with this document:
Visa Contactless Payment Specifications, (latest version)
Visa International Operating Regulations (latest version)
Visa Europe Operating Regulations (latest version)
Transaction Acceptance Device Requirements (TADR)Requirements (latest version)
Transaction Acceptance Device Guide (TADG)Requirements and Best Practices (latest version)
1.6
CDET Usage
CDET should be utilized to ensure that Visa payWave readers being deployed have been correctly
configured. It is expected that each applicable test case will be performed to gain the full benefits of
the Toolkit.
If a CDET test result does not meet the expected outcome of the test, it is anticipated that the acquirer
will work with their reader supplier or system integrator to resolve the issue. The acquirer must
continue to work with their technical support service provider until the issue is resolved and the result
complies with the expected outcome.
12
Visa Confidential
31 August 2015

The following guidelines are intended to provide more specific cases that govern the use of CDET.
Note that this list is not exhaustive. If a situation arises that is not currently listed, the Acquirer should
contact their Visa representative for guidance.
31 August 2015
Visa Confidential
13

CDET Usage
1.6.1
CDET Usage Guidelines
In regions where the use of CDET has been mandated, it must always be used in the following
cases. Where CDETs use remains optional, it is strongly recommended to be used in these cases:
Prior to deployment of a new Visa payWave reader for a new or existing Visa payWave program
Following significant software of hardware modification or reconfiguration of an existing Visa

payWave Reader. This includes but is not limited to changes to the following:
The approved Kernel
The payment component of the terminal application, affecting Visa payWave processing
The Cardholder Verification Method (CVM) capabilities
o
o
o
Language Support
The telecommunications method (e.g. upgrade from dial-up to high-speed)
Supported Currency Code/Country Code
Introduction of a new model of device hardware.
Note: It is possible to have families of devices which are identical from a payments perspective.
Here a new model is taken to mean a change which may affect card acceptance. This includes the
user interface presented to either the cardholder or merchant.
Changes to a merchants or acquirers network infrastructure. For example, in a case where a

merchant has switched acquirers, even though their terminal configuration might remain the
same.
A strong suspicion by Visa or other stakeholders of the presence of an acceptance or

interoperability problem affecting the Visa payWave acceptance device or its connectivity to
VisaNet.
Following upgrades or modifications to the reader to terminal interface or acquirer host systems
which could affect the transmission of chip data.
Addition of a new peripheral device requiring changes to the existing code, e.g. a new printer or
cash dispenser module.
Change to the terminal-to-host protocol which does affect authorization messages.
14
Visa Confidential
31 August 2015
1.7
New CDET Versions
The Contactless Device Evaluation Toolkit may be expanded in the future to include additional device
and/or online transaction processing tests.
On release of a new version of the Toolkit, a six-month grace period will be granted to users prior the
requirement to upgrade to the latest version. During this grace period, testing will still be allowed with
the CDET version just prior to the new release. However, on expiration of the grace period, users will
be required to upgrade to the latest version. In cases where CDET use is mandated, results from earlier
versions of the Toolkit will no longer be accepted.
1.8
Scope of CDET Testing
Device vendors are also recommended to use the Toolkit during the reader development phase. This
will help to ensure that these devices are capable of accepting a selection of diversely configured Visa
payWave cards.
Table 12: Scope of ADVT Testing
Within Scope
Outside of Scope
Explanation
Device testing
Acquirer host
certification
The Toolkit focuses on helping to ensure devices

deployed in the field are configured in a way that
promotes the best potential for acceptance of Visa
contactless cards.
While some of the cards in this Toolkit are to be used for
online testing, this Toolkit is not specifically designated
as a host certification Toolkit. Acquirers will continue to
perform host system certification using the current set of
test cards and scripts. Please see your Visa regional
representative to obtain the test kit for acquirer host
testing.
Complement to
Visa/EMV Level 2
device testing
31 August 2015
Replacement of
Visa/EMV Level 2 device
testing
It is assumed that acquirer and/or device vendor will

perform these tests on devices that have already passed
EMV Level 1 testing and Visa/EMV Level 2 testing. These
tests will complement Visa/EMV testing to ensure that
devices have been configured correctly prior to
deployment.
Visa Confidential
15

EMVCo Brand-aligned Terminal Integration Testing Framework Compliance
1.9
EMVCo Brand-aligned Terminal Integration Testing Framework

Compliance
Visa, in alignment with the five other EMVCo payment systems, has agreed upon compliance with the
recently published EMVCo Brand-aligned Terminal Integration Testing Framework for its terminal
integration toolkits. This Framework was developed by the EMVCo Terminal Integration Task Force
(TITF) - established by EMVCo in September 2013 for the purpose of examining the various payment
systems (Brands) testing processes for the integration of EMV contact and contactless acceptance
devices into their payment environments. The Framework defines the areas within the respective
payment systems integration testing processes where agreement was reached on aligning of key
elements, along with a plan for implementation.
The main impact of the TITF Framework on Visas CDET testing process, specifically as being
introduced in this version of the User Guide, will be on the Test Case definitions in Section 3. Within
the section, the Test Plan format has been updated to comply the Framework guidelines.
For more information on the EMVCo Terminal Integration Task Forces (TITF) efforts or to download a
copy of the Framework document, please visit the EMVCo website as follows:
http://www.emvco.com/approvals.aspx?id=272
16
Visa Confidential
31 August 2015
31 August 2015
Visa Confidential
17

Pre-requisites
This chapter provides an introduction to the CDET test cases. It includes pre-requisite information for
testing, including instructions for each test case and a summary of all test cases included in this
version of the toolkit.
2.1
Pre-requisites
Prior to running the CDET test cases, acquirers must ensure that the prerequisites in this section are
fulfilled.
2.1.1
Reader Capabilities
Before beginning any of the tests, it is important to understand the capabilities of your contactless
reader. This will help you ensure you are performing the tests correctly for your specific device.
VCPS PathDetermine if the reader supports either the Magnetic Stripe Data (MSD), Quick
Visa Smart Debit/Credit (qVSDC) paths, or both.
Authorization CapabilityDetermine if the reader will be Offline-only, Online-only or

Offline/Online capable. Note that while qVSDC may support offline and/or online transactions,
MSD transactions are online-only.
Cardholder Verification MethodsDetermine the cardholder verification methods that the

reader supports
Note: Online PIN, CDCVM, and Signature are the only CVMs that may be supported for Visa
payWave.
Offline Data AuthenticationDetermine if the reader supports Offline Data Authentication.
The capabilities of the contactless acceptance device are indicated within its Terminal Transaction
Qualifier (TTQ) data element.
2.1.2
Visa CA Test Public Keys
Readers that support Offline Data Authentication must be configured with the Visa CA Test Public Key
while the Toolkit is being used. Details of this test key are located in Appendix A: Visa CA Test Public
Keys for qVSDC Offline.
Note: Prior to production deployment, the Visa CA Test Public Key must be removed from readers
and replaced with the production Visa CA Public Keys.
2.1.3
18
Configured for Operational Use
Visa Confidential
31 August 2015

With an exception for the use of the Visa test CA keys as described above, the reader under test must
be configured for as close to operational use as possible. For example, readers should include the Visa
AIDs, correct terminal country code, correct date/time, and floor limits, etc.
2.1.4
Testing and Approval
In accordance with the Visa Operating Regulations, all Visa payWave acceptance devices must be
successfully tested by a Visa-accredited laboratory and receive a formal Visa approval, prior to
deployment.
2.2
2.2.1
Instructions
Self-Administered Tool
In the first instance, the CDET is a self-administered tool. Users must work to fix any problems on their
own or work with their technical support teams for resolution. Visa assistance should only be
requested for queries related to Visa payWave acceptance policy, rules or best practices or to provide
consultation on the interpreting results.
2.2.2
Initially Deployed Readers
For readers being initially deployed, the intent is for acquirers to run each applicable test and make
modifications to the reader configuration until the reader meets the expected outcome of the test.
Acquirers should run these tests on each reader type as well as each reader hardware and/or software
configuration. After running all tests and making the appropriate reader configuration modifications,
acquirers in regions where CDET is mandated should submit their results to Visa.
2.2.3
Previously Deployed Readers
If Visa or the acquiring client suspects a Visa payWave acceptance problem at a reader that has
already been deployed, it is recommended that all applicable tests specified in the CDET be performed
to assist with analysis.
2.2.4
Changes to Reader
If changes are made the configuration of an already deployed reader, it is recommended that the
acquiring client re-run all applicable CDET tests, to provide a level of confidence in the changes made.
2.2.5
Decline Responses vs. Other Errors
31 August 2015
Visa Confidential
19

Instructions
There is a difference between a declined transaction response and an error message. In some
situations, a declined response on the reader may be acceptable to a test case. However, error
message responses, where the reader is unable to complete the transaction, are generally
unacceptable and can indicate a problem with the reader or its setting/configuration. Testers should
not necessarily be alarmed by a declined response (as long as a declined response is acceptable in the
Expected Results section of the test case). However, error messages (such as Card Not Read or the
equivalent) must be investigated.
2.2.6
Test Cards and Test Cases
Users must execute the test cases using the test cards provided. For simplicity, a single test card is
used for each test case, and in all cases the test card number corresponds with the test case number
(e.g., for Test Case 1, the tester will use Test Card 1).
2.2.7
2.2.7.1
Online Testing
General
In the Test Cases section, tests are now designated as Online Applicable. When an Online transaction
is performed, the transaction must be sent online to VCMS or a Visa-confirmed, third-party supplied
host simulator for validation of the Authorization Request Cryptogram (ARQC) and/or the CVV (dCVV
or iCVV) data.
2.2.7.2
Visa Acquirers
Visa Acquirers are required to perform online testing by connecting their reader/terminal to their test
host system and generating transactions through to the VisaNet Certification Management Service
(VCMS), or a Visa-confirmed third party supplied test host which mimics VCMS. Each test card is
configured with test Data Encryption Standard (DES) keys that is also set up within VCMS, allowing it
to validate and generate the online cryptograms. Successful validation of the cryptogram by VCMS
helps to ensure that all the components involved in the online transaction are correctly coded and
integrated.
For the online tests, card authentication (the validation of the Authorization Request Cryptogram or
dCVV/iCVV) shall be performed and must be successful (unless otherwise noted in the test case).
NOTE: Access to the VisaNet Certification Management Service is provided to Visa Clients only.
2.2.8
Compliance Reporting
In regions where the use of CDET has been mandated, once acquirers have completed the applicable
test cases, they will need to provide evidence of CDET compliance by reporting their results.
20
Visa Confidential
31 August 2015

Visa provides a web-based solution, the Chip Compliance Reporting Tool (CCRT) that enables
acquirers to report their CDET results online. Once results are submitted, they will be reviewed by Visa
and the acquirer contacted if necessary.
2.2.8.1
Chip Compliance Reporting Tool
The Chip Compliance Reporting Tool (CCRT) was developed by Visa to provide acquirers with a more
convenient means of completing their compliance requirements, such as the submission of CDET
results following testing. As a web-based, user-friendly solution, CCRT was designed as an improved
alternative to the manual methods previously used for submission of Toolkit test results. With CCRT,
chip acquirers or their designated processors can complete and submit the mandatory compliance
reports via a globally automated online system.
Hosted on Visa Online (VOL), CCRT is designed in accordance with Visas three-tier architectural
requirements and provides a high-level of application and data security.
CCRT allows users to:
Submit new compliance reports
Review and update draft reports
Check on the status of pending reports submitted to Visa
Track approved reports
It benefits users by:
Providing a convenient, secure online solution for CDET results reporting:
Reducing potential for errors in manual entry by guiding users to choose from applicable
options and providing mandatory information requirements
Allowing the "re-use" of reports as a starting point for new reporting, reducing time spent
completing the reports
Supporting online status review and automated management of reports submitted to Visa,
expediting communication between Visa and clients
Enables the direct importation of CDET validation results performed with PC-based card
simulators
Acquiring clients already enrolled for VOL services may request entitlement to CCRT from their VOL
support representative. Those not yet enrolled, must first request VOL enrollment before being able to
be entitled to CCRT access.
The link for VOL enrollment is as follows: https://www.visaonline.com/
31 August 2015
Visa Confidential
21

Test Case Summary
For more details on CCRT please contact your local Visa Representative.
2.2.9
Additional Toolkits
Users may obtain additional Toolkits from the Visa-designated fulfillment service. Please contact your
Visa representative for details.
2.3
Test Case Summary
This section provides a brief description of each test card currently included in this version of the
Toolkit.
Table 21: Test Case Summary
Test Card
Number
Test Case Description
Mandatory vs.
Conditional (M/C)
Online Applicable
(Y/N)
VCPS 2.0.2 Baseline Card
VCPS 2.1.x Baseline Card
Card with a 16-byte ADF Name and other features
Multi-application card with additional data in the GPO

Response and with no Cardholder Name
Card that returns additional data in its SELECT PPSE

Response and other unique features
qVSDC-only card with a 19-digit PAN and CVN 18
Online-only card with an Electron AID
Card with an Interlink AID
Card that only supports MSD Legacy only
10
VMPA Card containing 00 and FF Padding in the GPO

and a Read Record Response Respectively.
11
Card with an Issuer Application Data length of 23-bytes and

an unrecognized CVM
12
VMPA-based card that causes a Pre-tap scenario
13
Card with a CTQ indicating an issuers preference to switch

to the contact interface on ODA failure
14
Card set to decline the transaction, to ensure that the

terminal does not attempt the transaction over another
interface
22
Visa Confidential
31 August 2015

Test Card
Number
15
Test Case Description

Card having inconsistent data to force transaction
termination by the terminal
31 August 2015
Visa Confidential
Mandatory vs.
Conditional (M/C)
Online Applicable
(Y/N)
23

Test Case Summary
24
Visa Confidential
31 August 2015
Test Case Details
Test Case Details
This chapter outlines each CDET test case.

Important: Prior to beginning the tests, be sure to read the following sections:
Section 2.1: Pre-requisites
Section 2.2: Instructions (specifically Section 2.2.7: Online Testing)
These sections contain critical information.

The following information is provided with each test case:
Test Case Numberthe number of the test case.
Test Case Namethe name of the test case.
Objectivethe objective of the test case.
Regional Requirementwhether the test applies to all regions or is specific to sub-set of regions.
(Currently, all of the tests apply to all regions).
Business Justificationthe business reason for the test.
Pre-requisiteAny specific terminal conditions that apply or configuration requirements needed

for the test case.
Applicable Terminal Device Typeindicates the device type that needs to be tested.
Applicable Terminal Interfaceindicates the interface type that needs to be tested.
Test CardA number used to uniquely identify the test card required to execute the test. There is
a one-to-one correlation between the Test Case Number and the Test Card Number
(i.e., Test Case 1 uses Test Card 1).
Test Evidence to be submittedEvidence to be submitted with results on completion of the test

case.
Document ReferenceReferences to the specification or rule that acquirers may refer to for
background information on the test. This information is especially important in the event that the
test fails.
Pass Criteria/User Validationthe success/failure criteria for the test.
31 August 2015
Visa Confidential
25
Test Case Details

Test Case 1: VCPS 2.0.2 Baseline Card
3.1
Test Case 1: VCPS 2.0.2 Baseline Card
Test Case 1/Test Card 1 (Mandatory and Online Applicable)

Test Case Number:
Test Case Name:
VCPS 2.0.2 Baseline Card
Objective:
To ensure acceptance of a VCPS v2.0.2-compliant Visa payWave card, supporting the

specific features described below.
VSDC Applet Version: 2.7.1
Dual Interface
o
MSD supports:
Legacy with dCVV
CVN 17
qVSDC supports:
Online without ODA (CVN = 17)
Offline with ODA (fDDA)
VSDC (contact) supports:
DDA
CVN = 10
Regional
Requirement:
Mandatory in Regions where CDET use has been mandated
Business
Justification:
This card is provided to validate acceptance of a commonly-configured Visa payWave card,

compliant to VCPS 2.0.2.
Pre-requisite:
Applicable
Terminal Device
Type:
POS
Applicable
Terminal Interface:
Contact
Test Card:
26
ATM
For Readers supporting:
Resulting Tx should be:
MSD 1.4.2 only
MSD dCVV
MSD 2.x only
MSD CVN 17
qVSDC only
qVSDC
Both qVSDC and MSD 2.x
qVSDC
MPOS
Contactless
Visa Confidential
31 August 2015
Test Case Details

Test Evidence to
be Submitted:
Receipt (where possible)
Card-to-Terminal Interaction Log
Host Simulator Log (if
Note: A receipt may be scanned

and submitted as a .pdf file.
(if available)
applicable)
Document
Reference:
Visa Contactless Payment Specifications Version 2.0.2 including published updates
Pass Criteria/User
Validation
a) For Online only devices:
The transaction should be sent online and be approved by the Visa Certification
Management Service (VCMS).
b) For Offline-capable devices:
31 August 2015
The transaction may either be sent online and approved by the Visa Certification
Management Service (VCMS) or approved Offline by the reader.
Visa Confidential
27
Test Case Details

Test Case 2: VCPS 2.1.x Baseline Card
3.2
Test Case 2: VCPS 2.1.x Baseline Card

Test Case Number:
Test Case Name:
VCPS 2.1.x Baseline Card
Objective:
To ensure acceptance of a VCPS v2.1.x-compliant Visa payWave card, supporting the

specific features described below.
VSDC Applet Version: 2.8.1F1
Dual Interface
o
MSD supports:
Legacy with dCVV
CVN 17
qVSDC supports:
Online with ODA (fDDA)
DDA
CVN = 10
Regional
Requirement:
Business
Justification:
This card is provided to validate acceptance of a commonly-configured Visa payWave card,

compliant to VCPS 2.1.x.
Pre-requisite:
Applicable Terminal
Device Type:
POS
Applicable Terminal
Interface:
Contact
Test Card:
28
ATM
MSD 1.4.2 only
MSD dCVV
MSD 2.x only
MSD CVN 17
qVSDC only
qVSDC
qVSDC
MPOS
Contactless
Visa Confidential
31 August 2015
Test Case Details

Test Evidence to be
Submitted:
Document
Reference:
Visa Contactless Payment Specifications Version 2.1 including published updates
Pass Criteria/User
Validation

Card-to-Terminal Interaction
Log (if available)

applicable)
31 August 2015
Visa Confidential
29
Test Case Details

Test Case 3: Card with a 16-byte ADF Name and other Features
3.3
Test Case 3: Card with a 16-byte ADF Name and other Features

Test Case Number:
Test Case Name:
Card with a 16-byte ADF Name and other Features
Objective:
To ensure acceptance of a card with a 16-byte ADF Name, and the following additional
features.
Dual Interface card
PDOL requests a 2-byte TTQ
No Application PAN Sequence Number (PSN) on the card
Cardholder Name has a minimum value of / (space and forward slash)
Service Code = 621
Regional
Requirement:
Business
Justification:
This card is provided to validate acceptance of a Visa payWave card, compliant to the most
recent version of the VCPS specifications and with various unique features included.
Pre-requisite:
MSD 1.4.2 only
MSD dCVV
MSD 2.x only
MSD CVN 17
qVSDC only
qVSDC
qVSDC
Applicable Terminal
Device Type:
POS
Applicable Terminal
Interface:
Contact
Test Card:
Test Evidence to be
Submitted:
Document
Reference:
30
ATM
MPOS
Contactless

Card-to-Terminal
Interaction Log (if available)
Visa Confidential

applicable)
31 August 2015
Test Case Details

Pass Criteria/User
Validation
31 August 2015
Visa Confidential
31
Test Case Details

Test Case 4: Card with additional Data in the GPO Response and with no Cardholder Name
3.4
Test Case 4: Card with additional Data in the GPO Response and
with no Cardholder Name

Test Case Number:
Test Case Name:
Multi-application card with additional data in the GPO Response and with no Cardholder
Name
Objective:
To ensure acceptance of a Multi-application card with additional data in the GPO Response
and No Cardholder Name. Card features include:
Dual Interface card

o
MSD supports:
Legacy with dCVV
CVN 17
qVSDC supports:
Online with ODA (fDDA)
DDA
CVN = 10
Multi-application card, with:

o
Visa Credit = A0 00 00 00 03 10 10 01
Application Priority Indicator = 81
Visa Debit = A0 00 00 00 03 10 10 02
Application Priority Indicator = 82
Regional
Requirement:
Business
Justification:
recent version of the VCPS specifications and with some unique features included.
With the card containing two applications (Visa Credit and Visa Debit), both requiring
Cardholder Confirmation, and Visa payWave contactless Readers not supporting this
feature, the intent of this test case is to ensure that the Reader correctly disregards these
settings.
32
Visa Confidential
31 August 2015
Test Case Details

Pre-requisite:
MSD 1.4.2 only
MSD dCVV
MSD 2.x only
MSD CVN 17
qVSDC only
qVSDC
qVSDC
Applicable Terminal
Device Type:
POS
Applicable Terminal
Interface:
Contact
Test Card:
Test Evidence to be
Submitted:
Document
Reference:
Pass Criteria/User
Validation
ATM
MPOS
Contactless

Card-to-Terminal

applicable)
Applications should not be displayed to the cardholder for confirmation. The Visa
Credit application should be selected for processing.
31 August 2015
Applications should not be displayed to the cardholder for confirmation. The Visa
Credit application should be selected for processing.
Visa Confidential
33
Test Case Details

Test Case 5: Card that returns additional Data in the Select PPSE Response and containing other unique features.
3.5
Test Case 5: Card that returns additional Data in the Select PPSE
Response and containing other unique features.

Test Case Number:
Test Case Name:
Card that returns additional Data in the Select PPSE Response and containing other unique
features.
Objective:
To ensure acceptance of a card that has the following features:
Returns additional data in the Select PPSE Response
The incorrect AIP for MSD
PVV is not personalized in the T1DD or T2ED
The card also features:
VSDC Applet Version: 2.7.1
Dual Interface card

o
MSD supports:
Legacy with dCVV
CVN 17
qVSDC supports:
DDA
CVN = 10
Regional
Requirement:
Business
Justification:
recent version of the VCPS specifications and with specific features included.
Pre-requisite:
Applicable Terminal
Device Type:
34
POS
ATM
MSD 1.4.2 only
MSD dCVV
MSD 2.x only
MSD CVN 17
qVSDC only
qVSDC
qVSDC
MPOS
Visa Confidential
31 August 2015
Test Case Details

Applicable Terminal
Interface:
Contact
Test Card:
Test Evidence to be
Submitted:
Document
Reference:
Visa Contactless Payment Specifications Version 2.0.2 including published updates
Pass Criteria/User
Validation
Contactless

Card-to-Terminal

applicable)
31 August 2015
Visa Confidential
35
Test Case Details

Test Case 6: qVSDC-only card with 19-digit PAN and CVN 18
3.6
Test Case 6: qVSDC-only card with 19-digit PAN and CVN 18

Test Case Number:
Test Case Name:
qVSDC-only card with 19-digit PAN and CVN 18
Objective:
To ensure acceptance of a qVSDC-only card with 19-digit PAN and CVN 18.
Dual Interface card

o
qVSDC supports:
Online with ODA (fDDA
DDA
CVN = 18
Regional
Requirement:
Business
Justification:
Pre-requisite:
MSD 1.4.2 only
No transaction MSD not

on the card
MSD 2.x only
No transaction MSD not

on the card
qVSDC only
qVSDC
qVSDC
Applicable Terminal
Device Type:
POS
Applicable Terminal
Interface:
Contact
Test Card:
Test Evidence to be
Submitted:
36
ATM
MPOS
Contactless

Card-to-Terminal
Visa Confidential

applicable)
31 August 2015
Test Case Details

Document
Reference:
Pass Criteria/User
Validation
31 August 2015
Visa Confidential
37
Test Case Details

Test Case 7: Online-only card with an Electron AID
3.7
Test Case 7: Online-only card with an Electron AID
Test Case 7/Test Card 7 (Conditional and Online Applicable)

Test Case Number:
Test Case Name:
Online-only card with an Electron AID
Objective:
To ensure acceptance of an Online-only card with an Electron AID, if supported by the

Reader.
Dual Interface card

o
MSD supports:
Legacy with dCVV
CVN 17
qVSDC supports:
Offline not supported
CVN = 10
Regional
Requirement:
Conditional in Regions where CDET use has been mandated (i.e. if the Electron AID is
supported)
Business
Justification:
Pre-requisite:
Reader supports the Electron AID

MSD 1.4.2 only
MSD dCVV
MSD 2.x only
MSD CVN 17
qVSDC only
qVSDC
qVSDC
Applicable Terminal
Device Type:
POS
Applicable Terminal
Interface:
Contact
Test Card:
Test Evidence to be
Submitted:
38
ATM
MPOS
Contactless

Card-to-Terminal
Visa Confidential

applicable)
31 August 2015
Test Case Details

Document
Reference:
Pass Criteria/User
Validation
31 August 2015
The transaction should be sent online and approved by the Visa Certification
Visa Confidential
39
Test Case Details

Test Case 8: Card with an Interlink AID
3.8
Test Case 8: Card with an Interlink AID

Test Case Number:
Test Case Name:
Card with an Interlink AID
Objective:
To ensure acceptance of a card with an Interlink AID, if supported by the Reader.
Dual Interface card

o
MSD supports:
Legacy with dCVV
CVN 17
qVSDC supports:
Offline not supported
CVN = 10
Regional
Requirement:
Conditional in Regions where CDET use has been mandated (i.e. if the Interlink AID is
supported)
Business
Justification:
Pre-requisite:
Reader supports the Interlink AID

MSD 1.4.2 only
MSD dCVV
MSD 2.x only
MSD CVN 17
qVSDC only
qVSDC
qVSDC
Applicable Terminal
Device Type:
POS
Applicable Terminal
Interface:
Contact
Test Card:
Test Evidence to be
Submitted:
40
ATM
MPOS
Contactless

Card-to-Terminal
Visa Confidential

applicable)
31 August 2015
Test Case Details

Document
Reference:
Pass Criteria/User
Validation
31 August 2015
Visa Confidential
41
Test Case Details

Test Case 9: Card supporting MSD Legacy only
3.9
Test Case 9: Card supporting MSD Legacy only

Test Case Number:
Test Case Name:
Card supporting MSD Legacy only
Objective:
To ensure acceptance of a card supporting MSD Legacy only.
VSDC Applet Version: N/A static/native card
Contactless-only card
o
MSD supports:
Legacy with dCVV
Regional
Requirement:
Conditional in Regions where CDET use has been mandated (i.e. in the Reader is supporting
MSD Legacy only)
Business
Justification:
This card is provided to validate acceptance of a MSD Legacy, Visa payWave card,
compliant to VCPS v1.4.2.
Pre-requisite:
MSD 1.4.2 only
MSD dCVV
MSD 2.x only
MSD dCVV
qVSDC only
No transaction path not

supported
MSD dCVV
Applicable Terminal
Device Type:
POS
Applicable Terminal
Interface:
Contact
Test Card:
Test Evidence to be
Submitted:
Document
Reference:
Visa Contactless Payment Specifications Version 1.4.2
42
ATM
MPOS
Contactless

Card-to-Terminal
Visa Confidential

applicable)
31 August 2015
Test Case Details

Pass Criteria/User
Validation
31 August 2015
Visa Confidential
43
Test Case Details

Test Case 10: VMPA Card containing 00 and FF Padding in the GPO and a Read Record Response Respectively
3.10
Test Case 10: VMPA Card containing 00 and FF Padding in

the GPO and a Read Record Response Respectively

Test Case Number:
10
Test Case Name:
VMPA Card containing 00 and FF Padding in the GPO and a Read Record Response
Respectively.
Objective:
To ensure acceptance of a card with the VMPA Applet and with 00 and FF Padding in
the GPO and a Read Record Response respectively.
VMPA Applet Version: 1.4.1.5 (VMPA 1415 Core 12 121214 00.cap)
Dual Interface card

o
MSD supports:
Legacy with dCVV
CVN 17
qVSDC supports:
VIS not supported
Regional
Requirement:
Business
Justification:
This card is provided to validate acceptance of the Visa Mobile Payment Application
Version 1.4.1.5 and with specific features included.
Pre-requisite:
MSD 1.4.2 only
MSD dCVV
MSD 2.x only
MSD CVN 17
qVSDC only
qVSDC
qVSDC
Applicable Terminal
Device Type:
POS
Applicable Terminal
Interface:
Contact
Test Card:
10
Test Evidence to be
Submitted:
44
ATM
MPOS
Contactless

Card-to-Terminal
Visa Confidential

applicable)
31 August 2015
Test Case Details

Document
Reference:
Pass Criteria/User
Validation
For the Reader: Visa Contactless Payment Specifications Version 2.1 including
published updates
For the Card: Visa Mobile Contactless Payment Specification (VMCPS) 1.4.1
31 August 2015
Visa Confidential
45
Test Case Details

Test Case 11: Card with an IAD length of 23-bytes and an Unrecognized CVN
3.11
Test Case 11: Card with an IAD length of 23-bytes and an

Unrecognized CVN

Test Case Number:
11
Test Case Name:
Card with an IAD length of 23-bytes and an Unrecognized CVN
Objective:
To ensure acceptance of a card with an IAD length of 23-bytes and an Unrecognized CVN.
Dual Interface card

o
MSD supports:
Legacy with dCVV
CVN 77 (unrecognized)
qVSDC supports:
Online without ODA (CVN = 77 (unrecognized))
CVN = 77 (unrecognized)
Regional
Requirement:
Business
Justification:
Pre-requisite:
MSD 1.4.2 only
MSD dCVV
MSD 2.x only
MSD CVN 17
qVSDC only
qVSDC
qVSDC
Applicable Terminal
Device Type:
POS
Applicable Terminal
Interface:
Contact
Test Card:
11
Test Evidence to be
Submitted:
46
ATM
MPOS
Contactless

Card-to-Terminal
Visa Confidential

applicable)
31 August 2015
Test Case Details

Document
Reference:
Pass Criteria/User
Validation
The transaction should be sent online and be declined by the Visa Certification
Management Service (VCMS) as the CVN is unrecognized.
31 August 2015
The transaction should be sent online and declined by the Visa Certification
Management Service (VCMS) as the CVN is unrecognized.
Visa Confidential
47
Test Case Details

Test Case 12: Card with a VMPA Applet that causes a Pre-tap
3.12
Test Case 12: Card with a VMPA Applet that causes a Pre-tap
Test Case 12/Test Card 12 (Mandatory and Applicable to both Online Only and Offline-capable
devices)
Test Case Number:
12
Test Case Name:
Card with a VMPA Applet that causes a Pre-tap
Objective:
To ensure the Reader displays the correct response message and performs the correct
behavior when presented with a card containing the VMPA Applet that causes a Pre-tap.
VMPA Applet Version: 1.4.1.5 (VMPA 1415 Core 12 121214 00.cap)
Dual Interface card

o
MSD supports:
Legacy with dCVV
CVN 17
qVSDC supports:
VIS not supported
Regional
Requirement:
Business
Justification:
Although a standard qVSDC transaction is typically completed with a single tap of the
contactless payment card, the concept of a Pre-Tap is introduced for Mobile consumer
devices. Pre-Tap is defined as the first presentation of the Mobile consumer device to the
contactless payment reader in a situation where some consumer interaction is required to
complete the transaction (e.g. consumer device CVM), and the cardholder has not
completed that interaction prior to presenting the consumer device for payment. After the
consumer interaction has been completed, the consumer device can be re-presented to the
contactless payment reader to perform a 1st Tap payment transaction.
Although the VMPA applet is presented here in ID-1 card form, its intent is to emulate a
consumer device that has experienced an exception condition (i.e. CDCVM is required but
not performed). The intent of this test case is to ensure that the Reader displays the
correct response message to this condition and performs the correct behavior.
Pre-requisite:
48
MSD 1.4.2 only
Pre-tap
MSD 2.x only
Pre-tap
qVSDC only
Pre-tap
Pre-tap
Visa Confidential
31 August 2015
Test Case Details
Test Case 12/Test Card 12 (Mandatory and Applicable to both Online Only and Offline-capable
devices)
Applicable Terminal
Device Type:
POS
Applicable Terminal
Interface:
Contact
Test Card:
12
Test Evidence to be
Submitted:
Document
Reference:
For the Reader: Visa Contactless Payment Specifications Version 2.1 including
published updates
For the Card: Visa Mobile Contactless Payment Specification (VMCPS) 1.4.1
Pass Criteria/User
Validation
ATM
MPOS
Contactless

Card-to-Terminal

applicable)
The Reader should display a message to the cardholder instructing them to refer
to their payment device for further instructions, briefly power down the contactless
interface before returning to Discovery Processing.
31 August 2015
The Reader should display a message to the cardholder instructing them to refer
to their payment device for further instructions, briefly power down the contactless
interface before returning to Discovery Processing.
Visa Confidential
49
Test Case Details

Test Case 13: Card with a CTQ indicating an issuer preference to switch to contact interface on ODA failure.
3.13
Test Case 13: Card with a CTQ indicating an issuer preference to

switch to contact interface on ODA failure.
Test Case 13/Test Card 13 (Conditional and Not Online Applicable)

Test Case Number:
13
Test Case Name:
Card with a CTQ indicating an issuer preference to switch to contact interface on ODA
failure.
Objective:
To ensure correct Reader behavior for a card with a CTQ indicating an issuer preference to
switch to contact interface on ODA failure.
Dual Interface card

o
MSD supports:
Legacy with dCVV
CVN 17
qVSDC supports:
CVN = 10
Regional
Requirement:
Conditional in Regions where CDET use has been mandated (i.e. if the Reader is Offlinecapable and supports ODA)
Business
Justification:
Pre-requisite:
Applicable Terminal
Device Type:
50
POS
Reader supports Offline Data Authentication (ODA)
ATM
MSD 1.4.2 only
MSD dCVV (but test case

would not be executed)
MSD 2.x only
MSD CVN 17 (but test case

qVSDC only
qVSDC
qVSDC
MPOS
Visa Confidential
31 August 2015
Test Case Details
Test Case 13/Test Card 13 (Conditional and Not Online Applicable)

Applicable Terminal
Interface:
Contact
Test Card:
13
Test Evidence to be
Submitted:
Document
Reference:
Pass Criteria/User
Validation
a) For Online only devices not supporting ODA:
Contactless

Card-to-Terminal

applicable)
Not Applicable
b) For Offline-capable devices and Online-only Devices supporting ODA:
31 August 2015
The transaction may be sent online and approved by the Visa Certification
If ODA is performed, the Reader should indicate that a switch to the contact
interface is required following the ODA failure.
Visa Confidential
51
Test Case Details

Test Case 14: Card that Declines Transactions
3.14
Test Case 14: Card that Declines Transactions
Test Case 14/Test Card 14 (Mandatory and Not Online Applicable)

Test Case Number:
14
Test Case Name:
Card that Declines Transactions.
Objective:
To ensure terminal does not allow the transaction to be completed over another interface,
with a card that declines Transactions.
Dual Interface card

o
MSD supports:
Legacy with dCVV
CVN 17
qVSDC supports:
CVN = 10
Regional
Requirement:
Business
Justification:
Pre-requisite:
MSD 1.4.2 only
MSD dCVV
MSD 2.x only
MSD CVN 17
qVSDC only
qVSDC decline
qVSDC decline
Applicable Terminal
Device Type:
POS
Applicable Terminal
Interface:
Contact
Test Card:
14
Test Evidence to be
Submitted:
52
ATM
MPOS
Contactless

Card-to-Terminal
Visa Confidential

applicable)
31 August 2015
Test Case Details

Document
Reference:
Pass Criteria/User
Validation
The transaction should be declined Offline.
31 August 2015
The transaction should be declined Offline.
Visa Confidential
53
Test Case Details

Test Case 15: Card with inconsistent Data
3.15

Test Case Number:
15
Test Case Name:
Card with inconsistent data.
Objective:
To ensure correct Reader behavior for a card with inconsistent data, when Offline Data
Authentication is being performed.
Dual Interface card

o
MSD supports:
Legacy with dCVV
CVN 17
qVSDC supports:
CVN = 10
Regional
Requirement:
Business
Justification:
To ensure compliance with VCPS 2.1 Updates List 3 requirements.
Pre-requisite:
Reader supports Offline transactions and an Offline transaction is attempted.
Applicable Terminal
Device Type:
POS
Applicable Terminal
Interface:
Contact
Test Card:
15
54
ATM
MSD 1.4.2 only
MSD dCVV (but test case

MSD 2.x only
MSD CVN 17 (but test case

qVSDC only
Transaction terminated
Transaction terminated
MPOS
Contactless
Visa Confidential
31 August 2015
Test Case Details

Test Evidence to be
Submitted:
Document
Reference:
Pass Criteria/User
Validation

Card-to-Terminal

applicable)
Not Applicable.
31 August 2015
Transaction is terminated due to inconsistent data.
Visa Confidential
55
Test Case Details

56
Visa Confidential
31 August 2015
Visa CA Test Public Key for qVSDC Offline
For devices that support Offline Data Authentication (ODA), this test key must be loaded into the
terminal to support the test cases associated with Offline Data Authentication.
Note: An expiration date has not been defined for test CA Public Key, and it should not be assumed
that a test key has the same expiry date as the live key of the same length. If your Terminal
Management System requires expiry dates to be provided for CAPKs then please set the expiry date
to 31 December 2025 for this test key.
Important: Prior to deployment, this test key must be removed from the terminal and replaced with
the Visa CA production keys.
A.1 1408 Bit VSDC TEST Key

This key is the Visa CA Public 1408 bit TEST key:
Table A1: 1408 Bit VSDC Test Key
Component
Value
Registered Application
Provider Identifier (RID)
A0 00 00 00 03
Index
92
Modulus
99 6A F5 6F 56 91 87 D0 92 93 C1 48 10 45 0E D8 EE 33 57 39 7B
18 A2 45 8E FA A9 2D A3 B6 DF 65 14 EC 06 01 95 31 8F D4 3B E9
B8 F0 CC 66 9E 3F 84 40 57 CB DD F8 BD A1 91 BB 64 47 3B C8 DC
9A 73 0D B8 F6 B4 ED E3 92 41 86 FF D9 B8 C7 73 57
89 C2 3A 36 BA 0B 8A F6 53 72 EB 57 EA 5D 89 E7 D1 4E 9C 7B 6B
55 74 60 F1 08 85 DA 16 AC 92 3F 15 AF 37 58 F0 F0 3E BD 3C 5C
2C 94 9C BA 30 6D B4 4E 6A 2C 07 6C 5F 67 E2 81 D7 EF 56 78 5D
C4 D7 59 45 E4 91 F0 19 18 80 0A 9E 2D C6 6F 60 08 05 66 CE 0D
AF 8D 17 EA D4 6A D8 E3 0A 24 7C 9F
Exponent
03
Secure Hash Algorithm-1

Hash
42 9C 95 4A 38 59 CE F9 12 95 F6 63 C9 63 E5 82 ED 6E B2 53
Comments:
The expiration date for certificates issued using Visas 1408-bit Test
CA public key is December 31, 2019.
31 August 2015
Visa Confidential
57

1408 Bit VSDC TEST Key
58
Visa Confidential
31 August 2015
This appendix provides a list of acronyms used in this document and in EMV as well as a glossary of
terms.
Table B1: Acronyms
Acronym
Meaning
alpha
AAC
Application Authentication Cryptogram
AAR
Application Authentication Referral
ADA
Application Default Action
ADF
Application Definition File
ADVT
Acquirer Device Validation Toolkit
AEF
Application Elementary File
AFL
Application File Locator
AID
Application Identifier
AIP
Application Interchange Profile
an
alphanumeric
ans
alphanumeric special
APDU
Application Protocol Data Unit
API
Application Priority Identifier
ARPC
Application Response Cryptogram
ARQC
Application Request Cryptogram
ATC
Application Transaction Counter
ATM
Automated Teller Machine
AUC
Application Usage Control
binary
BIN
Bank Identification Number
CA
Certificate Authority
CAM
Card Authentication Method
CAT
Cardholder Activated Device
CDA
Combined Dynamic Data Authentication
31 August 2015
Visa Confidential
59
60
Acronym
Meaning
CDOL
Card Risk Management Data Object List
CID
Cryptogram Information Data
cn
compressed numeric
CSV
Comma-Separated Values
CVK
Card Verification Key
CVM
Cardholder Verification Method
CVR
Card Verification Result
CVV
Card Verification Value
DDA
Dynamic Data Authentication
DDF
Directory Definition File
DDOL
Dynamic Data Authentication Data Object List
DEA
Data Encryption Algorithm
DES
Data Encryption Standard
DGI
Data Group Identifier (used by the Card Personalizer only)
DKI
Derivation Key Index
EMV
Europay, MasterCard & Visa
FCI
File Control Information
GPO
Get Processing Options
hex.
Hexadecimal
IAC
Issuer Action Code
ICVV
Alternate Card Verification Value
IFM
Interface Module
MCC
Merchant Category Code
MDK
Master Derivation Key
MPOS
Mobile Point of Sale Device
N/A
Not Applicable
numeric
PAN
Primary Account Number
PDOL
Processing Options Data Object List
PIN
Personal Identification Number
Visa Confidential
31 August 2015

Acronym
Meaning
PIX
Proprietary Application Identifier Extension
PK
Public Key
PKI
Public Key Infrastructure
PKI
Public Key Index
POS
Point of Sale
PSE
Payment Systems Environment
PSTN
Public Switched Telephone Network
PVK
PIN Verification Key
PVV
PIN Verification Value
RFU
Reserved For Future Use
RID
Registered Application Provider Identifier
RSA
Rivest, Shamir, Adleman
RRN
Retrieval Reference Number
SAD
Signed Static Application Data
SAM
Secure Access Module
SDA
Static Data Authentication
STIP
Stand-In Processing
TAC
Terminal Action Code
TC
Transaction Certificate
TDOL
Transaction Certificate Data Object List
TITF
Terminal Integration Task Force
TLV
Tag-Length-Value
TSI
Transaction Status Information
TVR
Terminal Verification Result
UAT
Unattended Acceptance Device
UCAT
Unattended Cardholder Acceptance Device
UDK
Unique Derived Key
var.
variable
VCMS
Visa Certification Management Service
VIP
VisaNet Integrated Payment
31 August 2015
Visa Confidential
61

Acronym
Meaning
VLP
Visa Low-value Payment
VMTS
Visa Member Test System
VSDC
Visa Smart Debit/Credit
VTS
VisaNet Test System
XML
Extensible Mark-up Language
XSD
XML Schema Definition
Table B2: Glossary

Term
Definition
Application Protocol
Data Unit (APDU
The communication format used between the chip card and the payment
application on a card acceptance device. This format is defined in ISO specification
7816.
Automated Teller
Machine (ATM)
An unattended device that has electronic capability to send transactions online for
authorization, accepts PINs, and disburses currency.
Card Acceptor
Terminal
See Terminal.
Card/Terminal Log
A capture of the interaction between the card/card simulator and the device.
Typically provided in Application Protocol Data Unit (APDU) format.
Card/Terminal Log
Validation
A Test Plan-defined description of the requirements for elements and content of

the card/terminal log to be validated during terminal integration testing.
Cardholder Activated
Device
An unattended device, such as an automated dispensing machine, self-service

device, or limited amount device that is not an ATM.
Certification
Validation that the format, function, and content of authorization messages

executed from a defined test plan adheres to a provided specification and set of
business rules.
Chip-Capable
A transaction acceptance device that is designed and constructed to facilitate the

addition of a chip reader/writer.
Chip-Enabled
For chip cards, this describes the state in which the card has already been
personalized with both cardholder and Brand-specific data in preparation for use.
For terminals, this describes the state in which the terminal has already been
equipped with a chip reader/writer and has been configured with Brand-specific
data and is ready for use in accepting chip cards.
62
Visa Confidential
31 August 2015

Term
Definition
Comma-Separated
Values (CSV)
A format that stores tabular data (numbers and text) in plain-text form (i.e. a
sequence of characters, with no data that has to be interpreted instead, as binary
numbers). A CSV file consists of any number of records, separated by line breaks of
some kind; each record consists of fields, separated by some other character or
string, most commonly a literal comma or tab. Usually, all records have an identical
sequence of fields.
Contact Transaction
An interaction between a chip application and a device using the physical electrical
interface, as defined in [EMV Book 1].
Contactless
Transaction
An interaction between a chip application and a device using the radio frequency
wireless interface, as defined in [EMV CL].
Customer Activated
Terminal (CAT)
See Cardholder Activated Device.
EMVCo LLC (EMVCo)
Industry organization that manages, maintains, and enhances the EMV

Specifications. Current Members are American Express, JCB International,
MasterCard Worldwide, UnionPay, and Visa Inc.
EMV Specifications
Technical specifications developed and maintained by EMVCo to create standards

and ensure global interoperability for use of chip technology in the payment
industry. In order to support EMV, cards and terminals must also meet the
requirements described in the bulletins available on the EMVCo website.
Host Authorization
Message
A description of the transaction message initiated from the device and sent online
via the acquirer and network to the issuer, processor, or Brand for transaction
authorization.
Host Authorization
Message Validation
A Test Plan-defined description of the requirements for elements and content of

the Host Authorization Message to be validated during standalone or terminal
integration testing.
Implement
To make a card, application, or device capable of performing a functionality.

Functionality that is implemented may also need to be enabled (see Chip-enabled).
Interoperability
The ability of all card acceptance devices to accept and read all chip cards that are
properly coded and personalized.
Kernel
EMV definition for the set of functions required to be present on every terminal
implementing a specific interpreter. The kernel contains device drivers, interface
routines, security and control functions, and the software for translating from the
virtual machine language to the language used by the real machine. In other words,
the kernel is the implementation of the virtual machine on the real machine.
Limited Amount
Device
An unattended device that has data capture-only capability, and accepts payment
for items such as parking garage fees, road tolls, etc.
Mobile Point of Sale

(MPOS)
A smartphone, tablet, or dedicated wireless device that performs the functions of a

cash register or electronic point of sale terminal (POS terminal).
31 August 2015
Visa Confidential
63

Term
64
Definition
Offline-Capable
A transaction acceptance device that has the ability to process the transaction
offline for card authentication and authorizations.
Offline-Only
A transaction acceptance device that is only able to process the transaction offline
for card authentication and authorizations.
Online-Capable
A transaction acceptance device that is able to send transactions to the issuer or

processor for authorizations.
Online-Only
A transaction acceptance device that requires that all transactions be sent online
for authorization.
PAN Key Entry
A manual procedure in which the merchant uses a device key pad to enter the PAN
embossed on a card in order to process a transaction.
Pass Criteria
A Test Plan-defined field that describes an expected result for a successful outcome
or conclusion of a test case.
Pass Criteria File
The file (in CSV format) that embeds the Brand-defined pass criteria for each test
case.
Personalization
For chip cards, the process of applying both cardholder and Brand-specific data to
the card in preparation for its use.
Point of Sale
The physical location where a merchant or acquirer in a face-to-face environment

or an unattended device completes a transaction.
Point-of-Sale Device
A device used at the POS to process transactions, including chip devices,

automated dispensing machines, self-service devices, and ATMs.
Terminal
The device used in conjunction with the chip card at the point of transaction to
perform a financial transaction. The terminal incorporates the interface device and
may also include other components and interfaces such as host communications.
Terminal
Configuration
A description of the features and parameters on the acceptance device under test.
For example, it might include the EMV-defined terminal types, supported interfaces,
etc.
Terminal Integration
Testing
A process implemented and managed by the respective Brands, aimed at providing

a level of assurance that Brand-specific requirements and recommendations are
being implemented in contact or contactless chip acceptance devices that will
accept a Brands products.
Terminal Integration
Task Force (TITF)
Task Force established by EMVCo in 2013 with the purpose of examining each of
the Brands terminal integration processes, in order to determine the possibilities of
aligning key elements of these processes.
Test Card Image
An electronic representation of a physical card.
Test Case
A Test Plan-defined description of a test scenario, defined by a Payment Brand for

execution of terminal integration or host message testing.
Test Case Name
A Test Plan-defined description of the name associated with a specific test case.
Visa Confidential
31 August 2015

Term
Definition
Test Case Number
A Test Plan-defined unique test case identifier.
Test Case Objective
A Test Plan-defined description of the objective of performing a given test case.
Test Plan
A Brand-developed and managed set of test criteria that defines the requirement
for terminal integration or host message testing. This may either take the form of a
textual document or a machine-readable file.
Test Procedure
A Test Plan-defined description of the steps required in order to execute a specific

test case.
Test Tool
Confirmation
The process undertaken by each Brand to provide themselves, tool vendors, and
clients will a level of assurance that the tools being used by clients to execute
terminal integration testing will do so in compliance with Brand requirements.
Process is also referred to as Test Tool Qualification.
Test Tool
Qualification
The process undertaken by each Brand to provide themselves, tool vendors, and
clients will a level of assurance that the tools being used by clients to execute
terminal integration testing will do so in compliance with Brand requirements.
Process is also referred to as Test Tool Confirmation.
Transaction
Completion
An EMV definition for the successful closing of transaction processing. The

completion function is always the last function in transaction processing and must
occur unless the transaction is terminated prematurely by error processing.
Unattended
Cardholder Activated
Terminal (UCAT)
A cardholder-operated device that reads, captures, and transmits card information

in an unattended environment.
User Validation
A Test Plan-defined description of the requirements for the user/tester to validate

responses from the device under test.
Extensible Mark-up
Language (XML)
A mark-up language that defines a set of rules for encoding documents in a format
that is both human-readable and machine-readable.
31 August 2015
Also known as Customer Activated Terminal (CAT) or Unattended Acceptance

Device (UAT).
Visa Confidential
65

CDET User Guide V2-2 RevA

Enviado por

Dados do documento

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

CDET User Guide V2-2 RevA

Enviado por

Direitos autorais:

Formatos disponíveis

Contactless Device Evaluation Toolkit

Important Information on Confidentiality and Copyright

Contactless Device Evaluation Toolkit - User Guide (Version 2.2 - Revision A)

Contactless Device Evaluation Toolkit - User Guide Overview ............................................................... 10

CDET Usage Guidelines....................................................................................................................................... 14

1.7 New CDET Versions ..................................................................................................................................................... 15

Test Case Introduction ...................................................................................................................................... 18

Reader Capabilities ............................................................................................................................................... 18

Visa CA Test Public Keys ..................................................................................................................................... 18

Configured for Operational Use ...................................................................................................................... 18

Testing and Approval .......................................................................................................................................... 19

Self-Administered Tool ....................................................................................................................................... 19

Initially Deployed Readers ................................................................................................................................. 19

Previously Deployed Readers ........................................................................................................................... 19

Changes to Reader ............................................................................................................................................... 19

Decline Responses vs. Other Errors ................................................................................................................ 19

Contactless Device Evaluation Toolkit - User Guide (Version 2.2 - Revision A)

Test Cards and Test Cases ................................................................................................................................. 20

Online Testing ........................................................................................................................................................ 20

Compliance Reporting ........................................................................................................................................ 20

2.3 Test Case Summary...................................................................................................................................................... 22

Test Case Details ................................................................................................................................................. 25

Visa CA Test Public Key for qVSDC Offline .................................................................................................. 57

Acronyms and Glossary..................................................................................................................................... 59

Contactless Device Evaluation Toolkit - User Guide (Version 2.2 - Revision A)

CDET Support Documentation ......................................................................................................... 7

Document Organization ................................................................................................................... 11

Scope of ADVT Testing..................................................................................................................... 15

Test Case Summary ........................................................................................................................... 22

1408 Bit VSDC Test Key .................................................................................................................... 57

Contactless Device Evaluation Toolkit - User Guide Overview

Contactless Device Evaluation Toolkit - User Guide (Version 2.2 - Revision A)

Contactless Device Evaluation Toolkit (CDET) User Guide

Introduction to the Contactless Device Evaluation Toolkit (CDET) User Guide

CDET Support Documentation

Contactless Device Evaluation Toolkit - User Guide Overview

For copies of the CDET, contact: STCVisaFulfillment@merrillcorp.com

For general information, contact: chiptoolkits@visa.com

Visa Inc. consists of the following regions:

Asia Pacific (AP)

Central Europe Middle East and Africa (CEMEA)

United States (U.S.)

Visa Europe consists of the following countries and territories:

Contactless Device Evaluation Toolkit - User Guide Overview

Contactless Device Evaluation Toolkit - User Guide (Version 2.2 - Revision A)

CDET Support Documentation

CDET Support Documentation

Visa Contactless Device

An overview of the CDET

Appendices providing details

This document provides the

This document is intended for

Contactless Device Evaluation Toolkit - User Guide Overview

Contactless Device Evaluation Toolkit - User Guide Overview

Contactless Device Evaluation Toolkit - User Guide (Version 2.2 - Revision A)

Document Revision Log

Support of card changes defined in the CDET Version

Contactless Device Evaluation Toolkit - User Guide Overview

Contactless Device Evaluation Toolkit - User Guide

The audience for this Toolkit consists primarily of:

System Integrators - working on behalf of acquiring clients or merchants in the deployment of

This document contains the following chapters:

Contactless Device Evaluation Toolkit - User Guide Overview

Contactless Device Evaluation Toolkit - User Guide (Version 2.2 - Revision A)