If you can’t find the information that you’re looking for regarding the merchant services, payment gateways and payment processing in general on daily basis, please use the button below to ask us a question. All your questions about payments are welcome and they will get answered as soon as possible (5-7 business days).
Basically, EMV card keys (certificate authority or CA keys) are intended for static data authentication.
Offline static data authentication (SDA) card authentication is a protocol for verifying that an EMV card is legitimate.
Offline card authentication is performed without an internet connection. EMV cards are pre-loaded with digitally-signed certificates and keys. Terminals have complementary keys provided by accepted payment brands at the time of terminal configuration.
In SDA, the terminal uses its public key to validate the card’s certificate. It then derives a key from the certificate and uses that key to validate the card’s static data.
EMV card encrypts data using its encryption key pre-loaded by the card brand, and the terminal decrypts it using the complementary key. If it is able to decrypt the data correctly, then the SDA is correct, and the card and the terminal can exchange encrypted data. This encryption procedure provides an additional level enhances of security of EMV payments.
For certification procedures special test keys are used, while during actual payments production keys are used.
Every card brand uses its own unique set of keys.
Every key has its own expiration date, so with time keys can become deprecated, and new keys have to be issued.
If you are an entity that accepts EMV card payments, you can get particular CA keys from your payment processor or payment service provider.