EMV

Application

Europay, Mastercard, and Visa -- the global standard for chip-based payment card transactions.

Also known as: Europay Mastercard Visa Chip and PIN

EMV

EMVEMVApplicationGlobal chip payment card standard.Click to view → (Europay, Mastercard, and Visa) is the global standard for chip-based payment card transactions, replacing the legacy magnetic stripe infrastructure with cryptographically secured smart card technology. Managed by EMVCo, the EMV specifications define the physical, electrical, and application-level interfaces for contact and contactless payment cards, terminals, and mobile payment systems.

How an EMV Transaction Works

An EMV contact transaction follows a structured flow:

  1. Application Selection: The terminal reads the card's AID list and selects the appropriate payment application (Visa, Mastercard, etc.)
  2. Read Application Data: The terminal retrieves card records containing cardholder name, PAN, expiry date, and issuer certificates
  3. Offline Data Authentication: The terminal verifies the card's authenticity using SDA (Static Data Authentication), DDA (Dynamic Data Authentication), or CDA (Combined DDA/AC Generation)
  4. Cardholder Verification: PIN entry, signature, or no CVM depending on risk parameters
  5. Risk Management: Terminal and card evaluate floor limits, velocity checks, and offline counters
  6. Transaction Authorization: The card generates an Application Cryptogram (ARQC for online, TC for offline approval, AAC for decline) using 3DES or AES
  7. Issuer Authentication: For online transactions, the issuer validates the ARQC and returns an authorization response

EMV Contactless

EMV contactless (tap-to-pay) uses ISO 14443 at 13.56 MHz for RF communication. The transaction flow is condensed for speed — the terminal performs application selection and reads card data in a single command sequence, and cardholder verification is typically waived for transactions below the contactless CVM limit (varies by country, commonly $50-$100). The qVSDC (Visa), PayPass (Mastercard), and ExpressPay (American Express) specifications define the brand-specific contactless protocols.

EMV Security Mechanisms

Mechanism Purpose
Offline Data Authentication Proves the card is genuine without network connectivity
Application Cryptogram Transaction-specific MAC preventing replay attacks
PIN encryption Protects cardholder PIN in transit (offline or online)
Card risk management On-card counters and limits for offline transaction control
Issuer scripts Post-authorization commands for card updates (PIN unblock, parameter changes)

EMV Chip Types

EMV-compliant cards are built on JavaCard or MULTOS platforms with a Secure Element certified to EAL 4+ under Common Criteria. Modern issuance exclusively uses dual-interface modules supporting both contact and contactless on a single chip.

Related Content

Smart Card Fundamentals

Getting Started

…Medium–High ($2–$15) Examples MIFARE Classic, SLE 4442 EMV chip, ePassport, PIV How Communication Works When a…

Contact vs Contactless vs Dual-Interface

Getting Started

…in high-cycle deployments. Typical applications: banking EMV cards, ePassport chips (in the document's RF chip —…

Smart Card Reader Setup Guide

Getting Started

…NFC payments, transit cards, passports Dual-interface Both EMV dual-interface, ePassport readers USB CCID USB 2.0 class…

ISO 14443 Deep Dive

Standards & Protocols

…to detuning by nearby metal surfaces. Continue to EMV Payment Architecture for how EMV builds a payment…

EMV Payment Card Architecture

Standards & Protocols

EMV Payment Card Architecture EMV — the global standard for…

EMV Contactless Kernel Deep Dive

Standards & Protocols

EMV Contactless Kernel Deep Dive The EMV Contactless…

Common Criteria for Smart Cards

Security

…standard used to certify chips for European national eID, EMV, and banking programmes. Protection Profiles A Protection…

Smart Card Cryptography

Security

…storage and wrapping, and 3DES is retained only for legacy EMV and SCP02 backward compatibility. Algorithm Key length…

Frequently Asked Questions

The smart card glossary is a comprehensive reference of technical terms, acronyms, and concepts used in smart card technology. It covers protocols (APDU, T=0, T=1), security (Common Criteria, EAL, HSM), hardware (SE, EEPROM, contact pad), and applications (EMV, ePassport, eSIM). It serves developers, product managers, and engineers.

Yes. SmartCardFYI provides glossary definitions in 15 languages including English, Korean, Japanese, Chinese, Spanish, Portuguese, Hindi, Arabic, French, Russian, German, Turkish, Vietnamese, Indonesian, and Thai.