Hi,
This is going to be very technical - I work in this area.
I’ve only recently started using the Visa replacement card for the Debit Mastercard. One of the things I had to do was to update the card PIN using the App. I then took out €10 at a local ATM (Sparkasse) to ensure the new PIN was correct (CVM was online PIN at ATM), and I anticipated that the offline PIN would also be changed using an Issuer Script.
This [offline PIN update/reset] does not appear to be working.
I performed another €10 ATM transaction this evening (May 13, 2020), and had a successful cash withdrawal. Following this cash withdrawal transaction, the offline PIN and the offline PIN try counters on the card have not been updated.
GET DATA of the PIN try counter for the next session with the card following the cash withdrawal. ATC below is 0x000A.
S-5 [0x5]>>‚80CA9F1700‘
R-2 [0x2]>>‚6C04‘
S-5 [0x5]>>‚80CA9F1704‘
R-6 [0x6]>>‚9F1701009000‘
Response to the 1st GEN AC also shows some issues with an Issuer Script
S-34 [0x22]>>‚80AE80001D000000000001000000000000084000000080000978200513004AAB9446‘
R-2 [0x2]>>‚6114‘
S-5 [0x5]>>‚00C0000014‘
R-22 [0x16]>>‚801280000A621507C3BA7CD34D06011203A0601A9000‘
Here you can see that there was one Issuer Script on the last transaction, and it failed. You can also see that the Offline PIN try limit is still exceeded.
Your PIN CHANGE issuer script is failing when presented to the card. Without a response Field 55 to look at, I can only guess at the issue here.
Your CVM list preferences makes this a bit of an invisible problem - in Germany most POS devices and all ATMs support online PIN, so the offline PIN is never checked. In the UK and Ireland, almost all POS devices use offline PIN, and so this card possibly fall back to signature, or fail the transaction.
In some circumstances, unattended devices, e.g. Parking machines that accept contact transactions, will likely support only offline PIN. This is the case with some machines near where I live.
From an ADVT test card I have, the PIN change issuer script should look like this when presented to the card.
S-29 [0x1D]>>‚842400021835BDAF13A3331CDCA70D18306B0E0316E8480EA2D9DD0876‘
R-2 [0x2]>>‚9000‘
Note it should be this long [this many bytes inside tag 86]. If your PIN change issuer script is 8 bytes shorter, for example „8424000210…“, then you’re trying to change a VSDC PIN with an M/Chip command, and I would not recommend that.
The ATM transaction does complete correctly so the cryptograms are OK, and this is only connected to the issuer script.
Thanks,
Aidan