The following steps explain the flow of the standard

This preview shows page 68 - 70 out of 84 pages.

The following steps explain the flow of the standard Payment Token data fields in the authorisation message when the mobile device is used at an NFC-enabled point of sale terminal. 1. The mobile device will interact with the NFC terminal through the payment application and pass the following key Payment Token data elements to the Merchant terminal: a. Payment Token will be passed in the existing PAN field. b. Token Expiry Date will be passed in the PAN Expiry Date field. c. Token Cryptogram will be generated based on the Token data elements and will be passed in the Chip Cryptogram field. (The cryptogram may be a full chip cryptogram, or an abbreviated Track 2 equivalent cryptogram.) d. Token Requestor ID will be passed as an optional field. e. All other contactless data elements will be created and passed following the contactless data standards. NOTE The Token Cryptogram generated from the mobile device along with POS Entry Mode will serve as the Domain Restriction Control fields that will be used by the Token Service Provider to validate the integrity of the transaction using that Payment Token. 2. The Merchant terminal will pass the contactless authorisation request to the Acquirer, carrying all of the standard Payment Token data fields and contactless data elements; POS Entry Mode will be set to indicate contactless transaction. 3. The Acquirer will perform routine processing checks and pass the Token data fields and the contactless data to the Payment Network. 4. The Payment Network will interface with the Token Service Provider to: a. Retrieve the PAN. b. Verify the state of the Payment Token to PAN mapping in the Token Vault for the active Payment Token, and other controls that may be defined for that Payment Token. c. Validate the Token Cryptogram and validate the Token Domain Restriction Controls for that Payment Token (alternatively the Card Issuer may validate the cryptogram if it has the necessary keys). d. Retrieve the Token Requestor ID if it was not provided in the authorisation message. 5. The Payment Network will send the authorisation request to the Card Issuer, with the following changes to the authorisation request message:
Image of page 68

Subscribe to view the full document.