
About Message Authentication Codes (MAC)

“MAC” is an abbreviation of Message Authentication Code, which is a string of bytes included in a message that can be used to provide reasonable assurance that the message originated from a trusted source and has not been modified.

MACs for EMV Data

This section describes how to calculate MACs for EMV ARQC and EMV Batch Data.

The key and variant used to calculate the MAC are determined by the DUKPT Key Mapping, which can be set up for TDES or AES mode.

The key used to calculate the MAC is normally the same key used to encrypt the encrypted data included as part of the same data structure. For TDES MAC, the key variant is always Message Authentication, Request or Both Ways. For AES MAC, the key can be AES-128 or AES-256; the valid usages are: 0x08 = MAC Generate, 0x0A = MAC Generate/Verify.

For TDES MAC:

  • ANSI X9.24-3-2017

  • The MAC operations follow the CBC procedure described in ISO 16609 Section C.4 using padding method 1 defined in ISO 9797 section 6.1.1.

For AES CMAC:

  • NIST Special Publication 800-38B Section 6.2 MAC Generation

The data structure for both EMV ARQC and EMV Batch Data has the following format related to MACing:

AAAA /* 2-byte MSB message length excluding padding and CBC-MAC */

F9<len> /* container for MAC structure and generic data */

DFDF54(MAC KSN)<len><val>

DFDF55(MAC Encryption Type)<len><val>

DFDF25(IFD Serial Number)<len><val>

<Nested TLV data objects specific to the message>

<Padding to force the 2-byte MSB message length plus F9 plus padding to be a multiple of 8 bytes>

<Four byte CBC-MAC of all data starting with the 2-byte MSB message length and ending with the last byte of padding (if any)>
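The framing rules above, as an added example (not vendor code): it validates the length field and padding, isolates the bytes the MAC covers, and compares the MAC in constant time. Assumptions: the 2-byte length counts the F9 TLV only, padding bytes are zero, and the MAC primitive is injected as a hypothetical `mac_fn`; `standin_mac` is a labelled placeholder because the Python standard library has no TDES or AES, and all sample values are constructed.

```python
import hashlib
import hmac

MAC_LEN = 4   # page: a four-byte MAC closes the message
BLOCK = 8     # page: length field + F9 + padding is a multiple of 8 bytes

def pad_len(f9_len: int) -> int:
    """Padding bytes needed after an F9 TLV that is f9_len bytes long."""
    return -(2 + f9_len) % BLOCK

def split_message(msg: bytes) -> tuple[bytes, bytes]:
    """Validate framing; return (bytes covered by the MAC, received MAC)."""
    if len(msg) < 2 + MAC_LEN:
        raise ValueError("message too short")
    f9_len = int.from_bytes(msg[:2], "big")  # assumption: counts the F9 TLV only
    if len(msg) != 2 + f9_len + pad_len(f9_len) + MAC_LEN:
        raise ValueError("length field does not match message size")
    if f9_len == 0 or msg[2] != 0xF9:
        raise ValueError("F9 container missing")
    # The MAC covers everything from the length field through the last pad byte.
    return msg[:-MAC_LEN], msg[-MAC_LEN:]

def build_message(f9_tlv: bytes, mac_fn) -> bytes:
    """Frame an F9 TLV: length prefix, zero padding, then the 4-byte MAC."""
    body = len(f9_tlv).to_bytes(2, "big") + f9_tlv
    body += b"\x00" * pad_len(len(f9_tlv))  # zero fill, as in ISO 9797 padding method 1
    return body + mac_fn(body)

def verify_message(msg: bytes, mac_fn) -> bool:
    """Reject bad framing first, then compare MACs in constant time."""
    covered, received = split_message(msg)
    return hmac.compare_digest(mac_fn(covered), received)

def standin_mac(data: bytes) -> bytes:
    """NOT the device algorithm: truncated HMAC-SHA256 standing in for the
    TDES CBC-MAC or AES CMAC, which would be keyed from the DUKPT mapping."""
    return hmac.new(b"constructed-demo-key", data, hashlib.sha256).digest()[:MAC_LEN]

# Constructed sample: tag lengths and values are illustrative only.
INNER = (bytes.fromhex("DFDF540A") + bytes(range(10))   # MAC KSN
         + bytes.fromhex("DFDF550101")                  # MAC Encryption Type
         + bytes.fromhex("DFDF2507") + b"1234567")      # IFD Serial Number
SAMPLE = build_message(b"\xF9" + bytes([len(INNER)]) + INNER, standin_mac)

if __name__ == "__main__":
    print(SAMPLE.hex(), verify_message(SAMPLE, standin_mac))
```

To use it against real messages, pass a `mac_fn` that returns the four-byte TDES CBC-MAC or AES CMAC computed with the mapped DUKPT key.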
