Problems coding an APDU command to verify PIN

user2824073 · Aug 6, 2014

I'm trying to send a VERIFY (PIN) command using the javax.smartcardio API. My PIN code is 12345678.

Based on some examples I've found on the net, I've tried with this APDU:

00 20 00 83 08 01 02 03 04 05 06 07 08

but the result is: 69 84 (reference data invalid).

I've tried also with:

00 20 00 83 08 12 34 56 78

But I still get the same error.

According to my smart card specifications, the card has support for:

  • ISO 7816 smart cards type A, B and C (5 V, 3 V, 1.8 V)
  • Compatible with communication protocols T=0, T=1
  • Support for PPS (Protocol and Parameters Selection)

I'm a bit desperate as I cannot find a way out. Can you suggest some changes to my APDU, or even a completely different approach (another library or language to connect with my smart card)?

Answer

David · Aug 6, 2014

Since your card is ISO 7816, please refer to the APDU in the following link, section 6.12.

What you need to do is:

  1. Check the reference data (P2) that is used. For PIN, usually it is '01' or '81'. But again, check the correct one from your card supplier.
  2. Before doing the actual VERIFY command, try to get the remaining tries first. This will help you avoid locking the PIN, because each false verification reduces your remaining tries. This can be done by setting Lc = '00' and removing your command data. The response is SW1='63' and SW2='CX', where X denotes the remaining tries. APDU command example: 00 20 00 81 00
  3. You need to convert your PIN into ASCII hex bytes. Therefore, if your PIN is 12345678 then the APDU is 00 20 00 81 08 31 32 33 34 35 36 37 38.
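
The three steps above combined in javax.smartcardio, as an added example that is not part of David's answer or the original question. Assumptions: the key reference P2 = 0x81 is taken from the answer and must be confirmed with the card supplier; the class name, the `--card` flag and the rule of never spending the last try are hypothetical choices made for this sketch.

```java
import javax.smartcardio.*;
import java.nio.charset.StandardCharsets;

public class VerifyPin {
    // Assumption: key reference 0x81 as in the answer; confirm the value with the card supplier.
    static final int P2 = 0x81;

    /** Tries left encoded in SW 63 CX, or -1 when the status word has another form. */
    static int remainingTries(ResponseAPDU r) {
        return (r.getSW1() == 0x63 && (r.getSW2() & 0xF0) == 0xC0) ? (r.getSW2() & 0x0F) : -1;
    }

    /** VERIFY carrying the PIN digits as ASCII bytes: "12345678" -> 31 32 33 34 35 36 37 38. */
    static CommandAPDU verifyApdu(String pin) {
        if (!pin.matches("[0-9]+")) throw new IllegalArgumentException("PIN must be digits only");
        return new CommandAPDU(0x00, 0x20, 0x00, P2, pin.getBytes(StandardCharsets.US_ASCII));
    }

    /** Reads the retry counter first, then sends the PIN only if more than one try remains. */
    static boolean verify(CardChannel ch, String pin) throws CardException {
        // Empty VERIFY from the answer (00 20 00 81 00): reads the counter without using a try.
        ResponseAPDU st = ch.transmit(new CommandAPDU(new byte[] {0x00, 0x20, 0x00, (byte) P2, 0x00}));
        if (st.getSW() == 0x9000) return true; // card reports that no verification is required
        int tries = remainingTries(st);
        if (tries < 0) throw new CardException(String.format("Unexpected status %04X", st.getSW()));
        // Assumed policy: never spend the last try from code.
        if (tries <= 1) throw new CardException("Refusing to send PIN, tries left: " + tries);
        return ch.transmit(verifyApdu(pin)).getSW() == 0x9000;
    }

    public static void main(String[] args) throws CardException {
        // Offline check with constructed data: the PIN from the question and a sample 63 C3 reply.
        StringBuilder hex = new StringBuilder();
        for (byte b : verifyApdu("12345678").getBytes()) hex.append(String.format("%02X ", b));
        System.out.println("VERIFY APDU: " + hex.toString().trim());
        System.out.println("Tries in 63 C3: "
                + remainingTries(new ResponseAPDU(new byte[] {0x63, (byte) 0xC3})));
        if (args.length > 0 && args[0].equals("--card")) { // hypothetical flag: use the first reader
            Card card = TerminalFactory.getDefault().terminals().list().get(0).connect("*");
            try {
                System.out.println(verify(card.getBasicChannel(), "12345678") ? "PIN verified" : "PIN rejected");
            } finally {
                card.disconnect(false);
            }
        }
    }
}
```

Run without arguments, it only builds and prints the APDU and decodes the sample status word; no reader is touched unless `--card` is passed.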