SIST EN 300 477 V1.2.2:2003

SLOVENSKI STANDARD
01-december-2003
6YHWRYQHRVHEQHWHOHNRPXQLNDFLMH837±837ID]D±)XQNFLMVNDVSHFLILNDFLMD
YPHVQLNDþLSQHNDUWLFH,&&VLVWHPD837LQQDSUDY]DVSUHMHPDQMHWHNDUWLFH
&$'±'YRWRQVNDYHþIUHNYHQþQD'70)QDSUDYDNLVSUHMHPDNDUWLFH837
Universal Personal Telecommunication (UPT); UPT phase 2; Functional specification of
the interface of a UPT Integrated Circuit Card (ICC) and Card Accepting Devices (CAD);
UPT card accepting Dual Tone Multiple Frequency (DTMF) device
Ta slovenski standard je istoveten z: EN 300 477 Version 1.2.2
ICS:
33.040.35 Telefonska omrežja Telephone networks
35.240.15 Identifikacijske kartice in Identification cards and
sorodne naprave related devices
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

EN 300 477 V1.2.2 (1999-05)
European Standard (Telecommunications series)
Universal Personal Telecommunication (UPT);
UPT phase 2;
Functional specification of the interface of a UPT Integrated
Circuit Card (ICC) and Card Accepting Devices (CAD);
UPT card accepting Dual Tone Multiple
Frequency (DTMF) device
2 ETSI EN 300 477 V1.2.2 (1999-05)
Reference
REN/NA-064012 (4f000ipc.PDF)
Keywords
card, DTMF, UPT
ETSI
Postal address
F-06921 Sophia Antipolis Cedex - FRANCE
Office address
650 Route des Lucioles - Sophia Antipolis
Valbonne - FRANCE
Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88
Internet
secretariat@etsi.fr
Individual copies of this ETSI deliverable
can be downloaded from
http://www.etsi.org
If you find errors in the present document, send your
comment to: editor@etsi.fr
Copyright Notification
No part may be reproduced except as authorized by written permission.
The copyright and the foregoing restriction extend to reproduction in all media.
© European Telecommunications Standards Institute 1999.
All rights reserved.
ETSI
3 ETSI EN 300 477 V1.2.2 (1999-05)
Contents
Intellectual Property Rights . 7
Foreword. 7
1 Scope. 8
2 References . 8
3 Definitions, symbols and abbreviations. 9
3.1 Definitions . 9
3.2 Symbols . 10
3.3 Abbreviations. 11
4 Physical characteristics. 11
4.1 Format and layout . 11
4.1.1 ID-1 size. 12
4.1.2 Plug-in size. 12
4.2 Temperature range for card operation. 12
4.3 Contacts . 12
4.3.1 Provision of contacts. 12
4.3.2 Activation and deactivation. 12
4.3.3 Contact pressure. 13
4.4 Precedence. 13
5 Electronic signals and transmission protocols. 13
5.1 Supply voltage . 13
5.2 Reset (RST) (contact C2). 14
5.3 Programming voltage. 14
5.4 Clock (CLK) . 14
5.5 I/O (contact C7) . 14
5.6 States. 15
5.7 Baud rate. 15
5.8 ATR . 15
5.8.1 Structure and contents . 15
5.8.2 PTS procedure. 17
5.9 Error handling. 17
6 Logical model . 18
6.1 General model. 18
6.2 File identifier . 18
6.3 MF . 19
6.4 Dedicated Files . 19
6.5 EFs. 19
6.5.1 Transparent EF. 19
6.5.2 Linear fixed EF . 20
6.5.3 Cyclic EF. 20
6.6 Methods for selecting a file. 21
6.7 Reservation of file IDs. 22
7 Security services and facilities . 23
7.1 Authentication key . 23
7.2 Algorithms and processes . 23
7.2.1 Card Holder Verification. 23
7.2.2 Strong authentication. 24
7.3 File access conditions . 24
7.4 Function access condition. 25
7.5 Identification, keying and algorithm information. 25
ETSI
4 ETSI EN 300 477 V1.2.2 (1999-05)
8 Description of the functions . 25
8.1 SELECT. 26
8.2 READ BINARY . 26
8.3 UPDATE BINARY . 27
8.4 READ RECORD . 27
8.5 UPDATE RECORD . 28
8.6 SEEK . 28
8.7 VERIFY CHV . 29
8.8 CHANGE CHV . 30
8.9 UNBLOCK CHV. 30
8.10 INTERNAL AUTHENTICATION . 31
9 Description of the commands . 31
9.1 Mapping principles . 31
9.1.1 Command Application Protocol Data Unit . 31
9.1.2 Response APDU. 31
9.1.3 Command APDU conventions . 31
9.2 Definitions and coding. 31
9.3 Coding of the commands . 32
9.3.1 SELECT. 32
9.3.2 READ BINARY. 37
9.3.3 UPDATE BINARY. 37
9.3.4 READ RECORD. 37
9.3.5 UPDATE RECORD. 38
9.3.6 SEEK. 38
9.3.7 VERIFY CHV. 39
9.3.8 CHANGE CHV. 39
9.3.9 UNBLOCK CHV. 39
9.3.10 INTERNAL AUTHENTICATION. 39
9.3.11 GET RESPONSE. 40
9.4 Access condition coding . 40
9.5 Coding of CHVs and UNBLOCK CHVs. 41
9.6 Status conditions returned by the card . 41
9.6.1 Security management . 41
9.6.2 Memory management. 41
9.6.3 Referencing management . 42
9.6.4 Application independent errors . 42
9.6.5 Responses to commands which are correctly executed or supporting chaining mechanism. 42
9.6.6 Commands versus possible status responses . 42
10 Contents of the EFs. 43
10.1 EF . 44
CHV1
10.2 Contents of the EFs at the MF level. 44
10.2.1 EF . 45
ID
10.2.2 EF . 45
ICC
10.2.3 EF (Directory) . 46
DIR
10.2.4 EF (Language preference) . 46
LANG
10.2.5 EF . 47
NAME
10.3 Contents of files at the UPT application level . 47
10.3.1 EF . 47
CT
10.3.2 EF (PUI) . 47
PUI
10.3.3 EF (Sequence number). 48
SEQ
10.3.4 EF (PIM service table) . 48
PST
10.3.5 EF (Time-out value). 49
TV
10.3.6 EF (Maximum time-out value) . 50
MTV
10.4 Contents of files at the telecom level . 50
10.4.1 EF (Abbreviated Dialling Numbers). 50
ADN
10.4.2 EF (Last number dialled) . 52
LND
10.4.3 EF (Extension1). 52
EXT1
ETSI
5 ETSI EN 300 477 V1.2.2 (1999-05)
11 Application protocol. 54
11.1 General procedures . 56
11.1.1 Reading an EF (M). 56
11.1.2 Updating an EF (M) . 56
11.1.3 Seeking in an EF (O). 56
11.1.4 Selecting an EF or DF (M). 57
11.2 PIM management procedures. 57
11.2.1 PIM initialization (M) . 59
11.2.2 PIM session (M). 60
11.2.3 PIM session termination (M). 61
11.2.4 Application selection procedure (M). 61
11.2.5 Check services (M) . 62
11.2.5A Start timer. 62
11.2.6 Timer value substitution (O) . 63
11.3 CHV related procedures . 63
11.3.1 CHV verification (M). 63
11.3.2 CHV value substitution (O). 64
11.3.3 CHV unblocking (O). 64
11.4 UPT security related procedures. 65
11.4.1 One pass strong authentication (M). 65
11.5 Telecom procedures (O) . 66
11.5.1 Dialling numbers. 66
11.5.1.1 Update . 67
11.5.1.2 Erasure. 69
11.5.1.3 Request . 70
11.5.1.4 Purge. 71
11.6 General information procedures. 72
11.6.1 NAME request procedure (O). 72
11.6.2 Language preference procedures (O) . 72
11.6.2.1 Request . 72
11.6.2.2 Update . 73
Annex A (normative): Plug-in UPT card . 74
Annex B (normative): Implementation Conformance Statement (ICS) for the PIM. 75
B.1 ICS proforma for the PIM. 75
B.2 Identification of the implementation, product supplier and test laboratory client . 75
B.3 Identification of the standard. 75
B.4 Global statement of conformance. 76
B.5 Interpretation of the tables. 76
B.6 Physical characteristics. 76
B.6.1 ID-1 size . 77
B.6.2 Plug-in size . 77
B.6.3 Contacts . 77
B.7 Electronic signals and transmission protocols. 77
B.7.1 Supply voltage VCC (contact C1) . 78
B.7.2 Reset RST (contact C2) . 78
B.7.3 Clock CLK (contact C3) . 78
B.7.4 I/O (contact C7) . 78
B.7.5 States. 79
B.7.6 Answer to Reset (ATR) . 79
ETSI
6 ETSI EN 300 477 V1.2.2 (1999-05)
B.8 Logical model . 80
B.9 Security features and facilities. 80
B.10 Description of functions . 81
B.11 Contents of the EFs. 81
Annex C (normative): Implementation Conformance Statement (ICS) for the CAD . 82
UPT
C.1 ICS proforma for the CAD . 82
UPT
C.2 Identification of the implementation, product supplier and test laboratory client . 82
C.3 Identification of the standard. 82
C.4 Global statement of conformance. 83
C.5 Interpretation of the tables. 83
C.6 Physical characteristics. 84
C.7 Electronic signals and transmission protocols. 84
C.7.1 Supply voltage VCC (contact C1) . 85
C.7.2 Reset RST (contact C2) . 85
C.7.3 Clock CLK (contact C3) . 85
C.7.4 I/O (contact C7) . 85
C.7.5 States. 86
C.7.6 Answer to Reset (ATR) . 86
C.8 Security features and facilities. 86
C.9 Coding of the commands . 87
C.10 Application protocol. 87
Annex D (informative): Example of a normal UPT session. 88
Bibliography . 90
History. 91
ETSI
7 ETSI EN 300 477 V1.2.2 (1999-05)
Intellectual Property Rights
IPRs essential or potentially essential to the present document may have been declared to ETSI. The information
pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found
in SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect
of ETSI standards", which is available free of charge from the ETSI Secretariat. Latest updates are available on the
ETSI Web server (http://www.etsi.org/ipr).
Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee
can be given as to the existence of other IPRs not referenced in SR 000 314 (or the updates on the ETSI Web server)
which are, or may be, or may become, essential to the present document.
Foreword
This European Standard (Telecommunications series) has been produced by ETSI Technical Committee Network
Aspects (NA).
National transposition dates
Date of adoption of this EN: 23 April 1999
Date of latest announcement of this EN (doa): 31 July 1999
Date of latest publication of new National Standard
or endorsement of this EN (dop/e): 31 January 2000
Date of withdrawal of any conflicting National Standard (dow): 31 January 2000
ETSI
8 ETSI EN 300 477 V1.2.2 (1999-05)
1 Scope
The present document defines the interface between the Universal Personal Telecommunication (UPT) card and the
Card Accepting Device (CAD) for the operational phase. It also defines those aspects of the internal organization of the
UPT card which are related to the operational phase. This is to ensure interoperability between a UPT card and a CAD
independently to the respective manufacturers and UPT service provider.
The present document only defines the interface between a UPT card and a card reading Dual Tone Multiple Frequency
(DTMF) device (I-ETS 300 380 [1]).
NOTE: Other types of CADs are under study.
The present document defines:
- the requirements for the physical characteristics of the UPT card, the electrical signals and the transmission
protocol;
- the model which shall be used as a basis for the design of the logical structure of the UPT card;
- the security features;
- the interface functions;
- the commands for operating the interface functions;
- the contents of the files required for the UPT application;
- the service set to be supported in the UPT card;
- the application protocol (security, services, etc.);
- the Implementation Conformance Statement (ICS) proformas.
The present document does not specify any aspects related to the administrative management phase. Any internal
technical realization of either the UPT card or the CAD are only specified where these reflect over the interface. The
present document does not specify any of the security algorithms which may be used.
2 References
The following documents contain provisions which, through reference in this text, constitute provisions of the present
document.
• References are either specific (identified by date of publication, edition number, version number, etc.) or
non-specific.
• For a specific reference, subsequent revisions do not apply.
• For a non-specific reference, the latest version applies.
• A non-specific reference to an ETS shall also be taken to refer to later versions published as an EN with the same
number.
[1] I-ETS 300 380: "Universal Personal Telecommunication (UPT); Access devices Dual Tone Multi
Frequency (DTMF) sender for acoustical coupling to the microphone of a handset telephone".
[2] ETS 300 391-1: "Universal Personal Telecommunication (UPT); Specification of the security
architecture for UPT phase 1; Part 1: Specification".
[3] I-ETS 300 045 (1992): "European digital cellular telecommunication system (Phase 1); Subscriber
Identity Module - Mobile Equipment (SIM-ME) interface specification (GSM 11.11)".
ETSI
9 ETSI EN 300 477 V1.2.2 (1999-05)
[4] CCITT Recommendation T.50 (1988): "International alphabet No 5 "(ISO 646: 1983, Information
processing - ISO 7-bits coded characters set for information interchange)".
[5] ISO 639 (1988): "Code for the representation of names of languages".
[6] ISO 7810 (1985): "Identification cards - Physical characteristics".
[7] ISO 7811-1 (1985): "Identification cards - Recording technique - Part 1: Embossing".
[8] ISO 7811-3 (1985): "Identification cards - Recording technique - Part 3: Location of embossed
characters on ID-1 cards".
[9] ISO/IEC 7816-1 (1987): "Identification cards - Integrated circuit(s) cards with contacts - Part 1:
Physical characteristics".
[10] ISO/IEC 7816-2 (1988): "Identification cards - Integrated circuit(s) cards with contacts - Part 2:
Dimensions and locations of the contacts".
[11] ISO/IEC 7816-3 (1990): "Identification cards - Integrated circuit(s) cards with contacts - Part 3:
Electronic signals and transmission protocols".
[12] ISO/IEC 7816-4: "Information technology - Identification cards - Integrated circuit(s) cards with
contacts - Part 4: Interindustry commands for interchange".
[13] ISO 8859-1 (1987): "Information processing - 8-bit single-byte coded graphic character sets -
Part 1: Latin alphabet No. 1".
[14] EN 726-3 (1994): "Terminal Equipment (TE); Requirements for IC cards and terminals for
telecommunication use Part 3: Application independent card requirements".
[15] EN 726-6 (1994): "Terminal Equipment (TE); Requirements for IC cards and terminals for
telecommunication use - Part 6: Telecommunication features".
[16] ENV 1375-1: "Identification card systems - Intersector integrated circuit(s) card additional
formats - Part 1: ID-000 card size and physical characteristics".
3 Definitions, symbols and abbreviations
3.1 Definitions
For the purposes of the present document, the following terms and definitions apply:
access conditions: set of security attributes associated with a file
ADM: access condition to an EF which is under the control of the authority which creates this file
administrative phase: part of the card life between the manufacturing phase and the usage phase
application: application consists of a set of security mechanisms, files, data and protocols (excluding transmission
protocols) which are located and used in the Integrated Circuit (IC) card and outside the IC card (external application)
application protocol: set of procedures required by the application
CAD : card accepting device for UPT. All type of telecommunication terminals with a card reader accepting a UPT
UPT
card
card holder verification: authentication of the user to the UPT card
card session: link between the card and the external world starting with the Answer To Reset (ATR) and ending with a
subsequent reset or a de-activation of the card
CHV1: CHV; access condition used by the PIM for the verification of the identity of the user
ETSI
10 ETSI EN 300 477 V1.2.2 (1999-05)
current directory: latest Master File (MF) or Dedicated File (DF) selected
current Elementary File (EF): latest EF selected
current file: latest MF, DF or EF selected
Dedicated File (DF): file containing access conditions and, optionally, EFs or other DFs
device holder verification: authentication of the user to the UPT access device
directory: general term for MF or DF
Elementary File (EF): file containing access conditions and data and no other files
file: directory or an organized set of bytes or records in the PIM
file identifier: 2 bytes which address a file in the UPT card
ID-1 UPT card: UPT card having the format of an ID-1 card (see ISO/IEC 7816-1 [9])
Local Personal Identification Number (LPIN): used for card holder verification
Master File (MF): unique mandatory DF representing the root
padding: one or more bits appended to a message in order to cause the message to contain the required number of bits
or bytes
PIM: data, functions and procedures residing in an IC card needed to gain access to UPT. It can be implemented as part
of a multi-application card or as a UPT dedicated card
plug-in UPT card: second format of UPT card (see clause 4)
record: string of bytes within an EF handled as a single entity (see clause 6)
record number: number which identifies a record within an EF
record pointer: record pointer is used to address one record in an EF
Special Local Personal Identification Number (SLPIN): used to unblock the CHV1
UPT card application: set of security mechanisms, files, data and protocols which are located and used in the UPT
card for the UPT service
UPT card session: link between the UPT card and the CAD starting with the ATR and ending with the subsequent
UPT
reset or deactivation of the card
3.2 Symbols
For the purposes of the present document, the following symbols apply:
Vcc Supply voltage
Vpp Programming voltage
'0' to '9' and 'A' to 'F' The sixteen hexadecimal digits
V High level output voltage
OH
V Low level output voltage
OL
V High level input voltage
IH
V Low level input voltage
IL
Icc Supply current at Vcc
I High level output current
OH
I Low level output current
OL
I High level input current
IH
I Low level input current
IL
t Risetime from 10 % to 90 % of signal amplitude
R
t Falltime from 90 % to 10 % of signal amplitude
F
ETSI
11 ETSI EN 300 477 V1.2.2 (1999-05)
C Output capacitance
out
C Input capacitance
in
3.3 Abbreviations
For the purposes of the present document, the following abbreviations apply:
AC Authentication Code
ADN Abbreviated Dialling Number
APDU Application Protocol Data Unit
ATR Answer To Reset
BCD Binary Coded Decimal
CAD Card Accepting Device
CHV Card Holder Verification information
DF Dedicated File
DTMF Dual Tone Multiple Frequency
EF Elementary File
etu elementary time unit
IC Integrated Circuit
ICC Integrated Circuit(s) Card
ID Identifier
lgth the (specific) length of a data unit
LND Last Number Dialled
LPIN Local Personal Identification Number
LSB Least Significant Bit
MF Master File
MMI Man Machine Interface
MSB Most Significant Bit
n 16 least significant bits of sequence number
s
NPI Numbering Plan Identifier
PIM Personal Identification Module
PIN Personal Identification Number
PTS Protocol Type Select (response to the ATR)
PUI Personal User Identity
RFU Reserved for Future Use
SLPIN Special Local Personal Identification Number
SW1 Status Word 1
SW2 Status Word 2
TON Type Of Number
UPT Universal Personal Telecommunication
4 Physical characteristics
Two physical types of UPT card are specified. These are the "ID-1 card" (see ISO 7810 [6]) and the "plug-in card" (see
ENV 1375-1 [16]).
The physical characteristics of both types of UPT card shall be in accordance with ISO/IEC 7816-1 [9] and
ISO/IEC 7816-2 [10] unless otherwise specified. The following additional requirements shall be applied to ensure
proper operation in the UPT environment.
4.1 Format and layout
The identification number as defined in EF (see clause 10) shall be present on the outside of the ID-1 card. The
ID
information on the outside of the plug-in card shall include at least the individual account identifier and the check digit
of the IC card identification.
ETSI
12 ETSI EN 300 477 V1.2.2 (1999-05)
4.1.1 ID-1 size
Format and layout of the ID-1 card shall be in accordance with ISO/IEC 7816-1 [9] and ISO/IEC 7816-2 [10].
The card should have a polarization mark which indicates how the user should insert the card into the CAD .
UPT
The CAD shall accept embossed ID-1 cards. The embossing shall be in accordance with ISO 7811-1 [7] and
UPT
ISO 7811-3 [8]. The contacts of the ID-1 card shall be located on the front (embossed face, see ISO 7810 [6]) of the
card.
4.1.2 Plug-in size
The plug-in card has a width of 25 mm, a height of 15 mm, a thickness the same as an ID-1 card and a feature for
orientation. See annex A for details of the dimensions of the card and the dimensions and location of the contacts.
Clauses A.1 and A.2 of ISO/IEC 7816-1 [9] do not apply to the plug-in UPT card.
Annex A of ISO/IEC 7816-2 [10] applies with the location of the reference points adapted to the smaller size. The three
reference points P1, P2 and P3 measure 7,5 mm, 3,3 mm and 20,8 mm, respectively, from 0 with the values in table A.1
of ISO/IEC 7816-2 [10] replaced by the corresponding values of figure A.1.
4.2 Temperature range for card operation
The temperature range for full operational use shall be between -25°C and +70°C with occasional peaks of up to +85°C.
"Occasional" means not more than 4 hours each time and not more than 100 times during the life time of the card.
4.3 Contacts
The provision of contacts shall be in accordance with ISO/IEC 7816-2 [10].
4.3.1 Provision of contacts
CAD : There need not be any contacting elements in positions C4 and C8.
UPT
Contact C6 need not be provided.
UPT card: Contacts C4 and C8 need not be provided by the UPT card.
Contact C6 shall not be bonded in the UPT card.
4.3.2 Activation and deactivation
The CAD shall connect, activate and deactivate the UPT card in accordance with the operating procedures specified
UPT
in ISO/IEC 7816-3 [11].
For any voltage level, monitored during the activation sequence, or during the deactivation sequence, the order of the
contact activation/deactivation shall be respected.
NOTE 1: It is recommended that whenever possible the deactivation sequence defined in ISO/IEC 7816-3 [11]
should be followed by the CAD on all
...