Card Holder Verification (CHV) is the process of verifying the identity of the cardholder using a personal identification number (PIN) or other authentication method as defined in the ISO/IEC 7816-4 specification. This verification process is often referred to as PIN entry or PIN checking. To set it up, a file is created within the file structure of a smart card and a PIN value is written into this file. When a cardholder inserts the card into a terminal, the off-card application asks the bearer to enter a PIN on the terminal keypad. The number sequence entered is sent to the card in an application protocol data unit (APDU) command, and the card compares the value supplied by the terminal (which was entered by the cardholder) to the value in the CHV file. If they match, the cardholder is identified (so far as the card is concerned) as the person for whom the card will act. The CHV process is typically used to protect sensitive data stored on the smart card, such as financial information or personal identification information.
The ISO/IEC 7816-4 specification defines several CHV-related commands that can be used by the card reader to communicate with the smart card and perform the verification process. These commands include the VERIFY command, which is used to verify the correctness of the PIN entered by the cardholder, and the CHANGE REFERENCE DATA command, which is used to change the PIN.
The ISO/IEC 7816-4 specification provides several guidelines for the implementation and use of the cardholder verification (CHV) process in a smart card system. Some of these guidelines include:
Secure storage of the secret key: The smart card should securely store the secret key used for the CHV process to prevent unauthorized access. The key should be protected against physical tampering, and the card should have measures in place to detect and respond to attempted attacks.
Strong authentication methods: The CHV process should use strong authentication methods, such as PINs, biometric data, or other forms of identification, to verify the cardholder’s identity. The authentication method used should be appropriate for the level of security required for the application or transaction.
Secure communication: The communication between the smart card and the card reader should be secure to prevent interception or tampering. The ISO/IEC 7816-4 specification defines several security protocols that can be used for this purpose, including mutual authentication, data encryption, and integrity checks.
Lockout and recovery mechanisms: The smart card should have mechanisms in place to prevent brute-force attacks on the CHV process, such as limiting the number of failed attempts and locking the card after a certain number of failures. The card should also have a mechanism for recovery, such as a PUK (PIN Unblock Key), that can be used to reset the PIN or unlock the card.
Clear user guidance: The smart card should provide clear and concise guidance to the user on how to use the CHV process, including how to enter and change the PIN, and what to do in case of a lockout.
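The VERIFY exchange and the lockout counter described above, as an added example that is not code from this page or from any card vendor. The INS byte 0x20 and the status words 9000, 63Cx and 6983 are the ISO/IEC 7816-4 values; the PIN encoding (ASCII digits padded with 0xFF to 8 bytes), the reference number 0x01 and the `ToyCard` model are assumptions made for the illustration.

```python
import hmac

VERIFY_INS = 0x20  # INS byte of the ISO/IEC 7816-4 VERIFY command

def build_verify_apdu(pin: str, ref: int = 0x01, block_len: int = 8) -> bytes:
    """CLA INS P1 P2 Lc DATA; PIN as ASCII digits padded with 0xFF (assumed)."""
    if not pin.isdigit() or not 4 <= len(pin) <= block_len:
        raise ValueError("PIN must be 4 to %d digits" % block_len)
    data = pin.encode("ascii").ljust(block_len, b"\xff")
    return bytes([0x00, VERIFY_INS, 0x00, ref, len(data)]) + data

class ToyCard:
    """Constructed card model: one CHV reference value plus a retry counter."""
    def __init__(self, pin: str, max_tries: int = 3):
        self._reference = build_verify_apdu(pin)[5:]
        self._max_tries = max_tries
        self.tries_left = max_tries
        self.verified = False

    def transmit(self, apdu: bytes) -> int:
        """Process one command APDU and return the status word SW1SW2."""
        if len(apdu) < 5 or apdu[1] != VERIFY_INS:
            return 0x6D00                      # instruction not supported
        if self.tries_left == 0:
            return 0x6983                      # CHV blocked: no comparison at all
        self.tries_left -= 1                   # spend the try before comparing
        self.verified = hmac.compare_digest(apdu[5:5 + apdu[4]], self._reference)
        if self.verified:
            self.tries_left = self._max_tries  # success resets the counter
            return 0x9000
        return 0x63C0 | self.tries_left        # 63Cx: x tries remaining

def describe_sw(sw: int) -> str:
    """Terminal-side reading of the status words used above."""
    if sw == 0x9000:
        return "PIN verified"
    if (sw & 0xFFF0) == 0x63C0:
        return "wrong PIN, %d tries left" % (sw & 0x0F)
    if sw == 0x6983:
        return "CHV blocked, unblock with PUK"
    return "unexpected status %04X" % sw
```

Decrementing the counter before the comparison, and refusing to compare once it reaches zero, is what keeps a blocked card from being guessed further even when the correct PIN is finally presented.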