- 1,179
- 44
Table of Contents
- Understanding Your Tools (IST Files & ART Tool)
- How to Analyze & Modify IST Files
- Using ART Tool for Terminal Emulation
- Writing IST Data to JCOP Cards
- Testing Cloned Cards in Terminals
- Common Issues & Troubleshooting
- Security & Detection Risks
- Where to Go Next (Further Learning)
1. Understanding Your Tools
What is an IST File?
- Integrated Stack Table (IST)is a binary file containing:
- ATR (Answer To Reset) – Card initialization bytes.
- AIDs (Application Identifiers) – Visa, Mastercard, etc.
- CAP Keys (Certification Authority Public Keys) – Used for transaction authentication.
- PDOL/AFL (Dynamic EMV parameters) – Configures how the card interacts with terminals.
What is ART Tool?
- Auto-Reference Terminal (ART)is a software/hardware tool that:
- Emulates POS terminals to test EMV card responses.
- Generates ARQC/ARPC (Authorization Request Cryptogram).
- Tests IST files before writing to JCOP cards.
2. Analyzing & Modifying IST Files
Tools Needed:
- 010 Editor (Binary analysis)
- EMV Foundry (For advanced IST editing)
- PyResMan (For manual IST extraction)
Step 1: Open IST File in Hex Editor
- Check the header (usually starts with IST1 or similar).
- ATR (First few bytes after header)
- AID List (Structured as A0 00 00 00 03 10 10 for Visa)
- CAP Keys (Often starts with 9F 46 tag)
Step 2: Modify IST File (If Needed)
- Change AID? → Replace existing AID bytes.
- Inject new CAP keys? → Overwrite modulus (9F 46) and exponent (9F 47).
- Adjust PDOL? → Modify TLV-encoded fields.
Step 3: Validate IST File
- Use ART Tool to check if the modified IST generates valid ARQC/ARPC.
- If errors occur, revert to original IST and compare differences.
3. Using ART Tool for Terminal Emulation
Key Features of ART Tool:
- ARQC Generation – Simulates transaction auth.
- Terminal Emulation – Acts like a real POS.
- IST Testing – Checks if an IST file is valid before burning to JCOP.
Step-by-Step Testing:
- Load IST File into ART Tool
- File → Open IST → Select your file.
- Choose Visa/MC/Amex terminal settings.
4. Writing IST Data to JCOP Cards
Tools Needed:
- JCOP Manager / GlobalPlatformPro (for card personalization)
- ACR122U or Omnikey Reader (for communication)
Step-by-Step Flashing:
- Connect JCOP Card
- Insert blank JCOP into reader.
- Use gp --install card.ist (GlobalPlatformPro).
5. Testing Cloned Cards in Real Terminals
What to Expect:
- If IST is well-configured:
- Card will generate ARQC (chip authentication works).
- May still decline if issuer detects cloned CAP keys.
- Terminal may fall back to magstripe (if allowed).
- May show "Chip Error - Use Swipe".
Best Test Environments:
- Old terminals (gas stations, parking meters).
- EMV test terminals (safe for research).
6. Common Issues & Fixes
| Problem | Likely Cause | Solution |
|---|---|---|
| "Card Blocked" | Invalid CAP keys | Extract correct issuer keys |
| "Insert Chip" | ATR mismatch | Clone original ATR exactly |
| No ARQC Generated | PDOL misconfigured | Adjust PDOL in IST |
| ARQC Fails Auth | Bank detects clone | Use different CAP keys |
7. Security & Detection Risks
- Banks detect clones via:
- Dynamic ARQC (changes per transaction).
- Velocity checks (unusual spending patterns).
- DDA/CDA (offline authentication).
- Legal risks: Unauthorized cloning is illegal in most countries.
8. Where to Go Next (Further Learning)
- Deep Dive into EMV Protocols:
- Study EMV Book 1-4 (public specs).
- Learn to write custom applets for JCOP.
Final Thoughts
You now have:- IST file analysis skills
- ART Tool testing methods
- JCOP flashing knowledge
Test different IST files in ART Tool Try writing to multiple JCOP cards Learn about ARQC/ARPC generation