
Content for  ETSI TS 102 221   PDF version:  17.1.0


11.1.9  VERIFY PIN

11.1.9.1  Functional description

11.1.9.1.1  PIN verification
This function initiates the comparison in the UICC of the PIN verification data sent from the terminal with the PIN reference data stored in the card. The security status set as a result of the verification is valid regardless of the logical channel on which the verification is performed. The verification process is subject to the following conditions being fulfilled:
  • PIN is not disabled;
  • PIN is not blocked.
If the access condition for a function to be performed on the last selected file is PIN, then a successful verification of the relevant PIN is required prior to the use of the function on this file unless the PIN is disabled.
If the PIN presented is correct, the number of remaining PIN attempts for that PIN shall be reset to its initial value 3.
If the PIN presented is false, the number of remaining PIN attempts for that PIN shall be decremented, regardless of the logical channel on which the VERIFY PIN command was issued. The UICC shall return SW1 SW2 = '63C2' after the first false PIN presentation. The UICC shall return SW1 SW2 = '63C1' after the second consecutive false PIN presentation, not necessarily in the same card session. After the third consecutive false PIN presentation, not necessarily in the same card session, the respective PIN shall be blocked and the UICC shall return SW1 SW2 = '63C0'. Any subsequent VERIFY PIN command applied to this blocked PIN shall then return SW1 SW2 = '6983'. The access condition can never be fulfilled until the UNBLOCK PIN function has been successfully performed on the respective PIN.
Input:
  • Indication PIN.
Output:
  • None.
11.1.9.1.2  PIN retry counter
The VERIFY PIN with empty data field is used to retrieve the PIN retry counter from the UICC. This function is performed whether or not the relevant PIN is disabled or blocked (e.g. by 3 consecutive wrong PIN presentations).
The VERIFY PIN command is sent to the UICC with parameter P2 indicating the PIN for which the retry counter value is to be retrieved with an empty data field. The number of retries, if any, is indicated in the response by SW1 SW2 = '63CX', where X indicates the number of retries left.
A VERIFY PIN command with empty data field applied to a blocked PIN shall return SW1 SW2 = '63C0' or SW1 SW2 = '6983'.
Input:
  • Empty.
Output:
  • None.

11.1.9.2  Void

11.1.9.3  Command parameters

| Code | Value |
|------|-------|
| CLA | As specified in clause 10.1.1 |
| INS | As specified in clause 10.1.2 |
| P1 | '00' |
| P2 | Qualifier of the reference data, see Table 11.15 |
| Lc | Empty or '08' |
| Data | Empty or PIN value |
| Le | Not present |

| b8 | b7 | b6 | b5 | b4 | b3 | b2 | b1 | Meaning |
|----|----|----|----|----|----|----|----|---------|
| 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | Not supported |
| 0 | - | - | - | - | - | - | - | Global reference data (e.g. MF specific PIN) |
| 1 | - | - | - | - | - | - | - | Specific reference data (e.g. DF specific/application dependent PIN) |
| - | X | X | - | - | - | - | - | '00' (other values are RFU) |
| - | - | - | X | X | X | X | X | Reference data number |

The five least significant bits of parameter P2 specify the PIN key reference number (see clause 9.5.1 for permissible values).

Command data:

| Byte(s) | Description | Length |
|---------|-------------|--------|
| 1 to 8 | PIN value | 8 |
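
The following added example (not part of ETSI TS 102 221 or of this page) decodes a captured VERIFY PIN command and its status word using the parameter tables and status words given in clause 11.1.9. The INS value '20', CLA '00', SW '9000' and the 'FF' padding in the sample trace are assumptions taken from outside this page, and the function names are illustrative.

```python
INS_VERIFY_PIN = 0x20  # assumption: INS value from clause 10.1.2, not shown on this page
SW_OK = (0x90, 0x00)   # assumption: normal-ending status word, not listed on this page


def decode_p2(p2: int) -> dict:
    """Decode P2: b8 = scope, b7-b6 must be '00', b5-b1 = reference data number."""
    if p2 == 0x00:
        raise ValueError("P2 = '00' is not supported")
    if p2 & 0x60:
        raise ValueError("b7-b6 of P2 are RFU and must be '00'")
    return {"scope": "specific" if p2 & 0x80 else "global", "key_ref": p2 & 0x1F}


def parse_verify_pin(apdu: bytes) -> dict:
    """Classify a command APDU; the PIN bytes are never copied into the result."""
    if len(apdu) < 4:
        raise ValueError("truncated APDU header")
    _cla, ins, p1, p2 = apdu[:4]
    if ins != INS_VERIFY_PIN or p1 != 0x00:
        raise ValueError("not a VERIFY PIN command with P1 = '00'")
    body = apdu[4:]
    if body in (b"", b"\x00"):  # empty data field (T=0 traces show P3 = '00')
        kind = "retry_counter_query"
    elif len(body) == 9 and body[0] == 0x08:  # Lc = '08' plus 8 PIN bytes
        kind = "pin_presentation"
    else:
        raise ValueError("Lc must be empty or '08'")
    return {"kind": kind, **decode_p2(p2)}


def interpret_sw(sw1: int, sw2: int) -> dict:
    """Map SW1 SW2 to the outcomes described in clause 11.1.9.1."""
    if (sw1, sw2) == SW_OK:
        return {"state": "verified", "retries_left": None}
    if sw1 == 0x63 and (sw2 & 0xF0) == 0xC0:  # '63CX': X retries left
        left = sw2 & 0x0F
        return {"state": "not_blocked" if left else "blocked", "retries_left": left}
    if (sw1, sw2) == (0x69, 0x83):  # command applied to an already blocked PIN
        return {"state": "blocked", "retries_left": 0}
    return {"state": "other", "retries_left": None}


# Constructed sample exchanges (CLA '00' and 'FF' padding of the PIN are assumptions).
TRACE = [("002000010831323334FFFFFFFF", "63C2"), ("00200081", "63C3")]


def analyse(trace=TRACE) -> list:
    return [{**parse_verify_pin(bytes.fromhex(c)), **interpret_sw(*bytes.fromhex(s))}
            for c, s in trace]
```

Keeping the PIN bytes out of the parsed result means a trace analyser built this way does not copy verification data into its own logs.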

11.1.10  CHANGE PIN

11.1.10.1  Functional description

The Change PIN command is used to initiate the comparison of the verification data with the PIN, and then to conditionally replace the existing PIN with the new PIN sent to the UICC in the command. Once successfully changed on a logical channel, the new value is immediately available to all channels.
This function assigns a new value to the relevant PIN subject to the following conditions being fulfilled:
  • PIN is not disabled;
  • PIN is not blocked.
The old and new PIN shall be presented.
If the old PIN presented is correct, the number of remaining PIN attempts for that PIN shall be reset to its initial value 3 and the new value for the PIN becomes valid.
If the old PIN presented is false, the number of remaining PIN attempts for that PIN shall be decremented and the value of the PIN is unchanged. After 3 consecutive false PIN presentations, not necessarily in the same card session, the respective PIN shall be blocked and the access condition can never be fulfilled until the UNBLOCK PIN function has been performed successfully on the respective PIN.
Input:
  • Indication of PIN, old PIN, new PIN.
Output:
  • None.

11.1.10.2  Command parameters

| Code | Value |
|------|-------|
| CLA | As specified in clause 10.1.1 |
| INS | As specified in clause 10.1.2 |
| P1 | '00' |
| P2 | As specified for the VERIFY PIN command, see clause 11.1.9 |
| Lc | Length of the subsequent data field = '10' |
| Data | Old PIN value, new PIN value |
| Le | Not present |

| Byte(s) | Description | Length |
|---------|-------------|--------|
| 1 to 8 | Old PIN value | 8 |
| 9 to 16 | New PIN value | 8 |

11.1.11  DISABLE PIN

11.1.11.1  Functional description

The Disable PIN command is used to switch off the requirement to compare the PIN verification data with the PIN reference data. The command also allows an indication whether to use an alternative global key reference, if enabled, or not when the application PIN is disabled. For universal PIN definition see clause 9.4.1. Usage of an alternative global key reference for user verification is indicated in parameter P1. If an alternative global key reference is used as a replacement for the application PIN, the usage qualifier in the PS_DO template data object for the alternative global key reference is set to 'use' = '08'. The verification of the alternative global key reference shall be performed instead of the application PIN verification to get access to the application.
The UICC shall perform a validation of the SE after the successful execution of this command as the current SE may have changed and this shall affect the access to files.
The successful execution of this function has the effect that files protected by PIN are now accessible as if they were marked "ALWAYS", except in the case where the alternative global key reference is to be used as a replacement for the disabled PIN. In this case the access condition for files containing only a reference to the disabled PIN is the alternative global key reference. For files having more than one global key reference indicated in the access rules the access condition is "ALWAYS" after disabling one of the key references used in the access rules. The function DISABLE PIN shall not be executed by the selected application when PIN is already disabled or blocked.
If the PIN presented is correct, the number of remaining PIN attempts shall be reset to its initial value 3 and PIN shall be disabled.
If the PIN presented is false, the number of remaining PIN attempts shall be decremented and PIN remains enabled. After 3 consecutive false PIN presentations, not necessarily in the same card session, the PIN shall be blocked and the access condition can never be fulfilled until the UNBLOCK PIN function has been successfully performed on PIN.
Input:
  • PIN.
Output:
  • None.

11.1.11.2  Command parameters

| Code | Value |
|------|-------|
| CLA | As specified in clause 10.1.1 |
| INS | As specified in clause 10.1.2 |
| P1 | See Table 11.16 |
| P2 | As specified for the VERIFY PIN command, see clause 11.1.9 |
| Lc | Length of the subsequent data = '08' |
| Data | PIN value |
| Le | Not present |

| b8 | b7 | b6 | b5 | b4 | b3 | b2 | b1 | Meaning |
|----|----|----|----|----|----|----|----|---------|
| 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | Verification data present in data field |
| 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | Reserved by ISO/IEC 7816-4 [12] |
| 1 | - | - | - | - | - | - | - | Verification data present, and use reference data number as verification replacement |
| - | X | X | - | - | - | - | - | '00' (other values are RFU) |
| - | - | - | X | X | X | X | X | Global key reference data number |

The five least significant bits of parameter P2 specify the PIN key reference number (see clause 9.5.1 for permissible values).

Command data:

| Byte(s) | Description | Length |
|---------|-------------|--------|
| 1 to 8 | PIN value | 8 |

11.1.12  ENABLE PIN

11.1.12.1  Functional description

The Enable PIN command is used to switch on the requirement to compare the PIN verification data with the PIN reference data. It is the reverse function of DISABLE PIN. If an alternative global key reference has been used as a replacement for the application PIN, the usage of the alternative global key reference as a replacement shall be disabled upon enabling the PIN for which the alternative global key reference has been a replacement (setting the usage qualifier in the PS_DO template data object for the alternative global key reference to 'do not use' = '00').
The UICC shall perform a validation of the SE after the successful execution of this command as the current SE may have changed and this shall affect the access to files.
The function ENABLE PIN shall not be executed by the selected application when PIN is already enabled or blocked.
Every application shall specify whether this function is applicable to all PINs defined for the application.
If the PIN presented is correct, the number of remaining PIN attempts shall be reset to its initial value 3 and PIN shall be enabled.
If the PIN presented is false, the number of remaining PIN attempts shall be decremented and PIN remains disabled. After 3 consecutive false PIN presentations, not necessarily in the same card session, PIN shall be blocked and may optionally be set to "enabled". Once blocked, the PIN can only be unblocked using the UNBLOCK PIN function. If the PIN is blocked and "disabled", the access condition shall remain granted. If the PIN is blocked and "enabled", the access condition can never be fulfilled until the UNBLOCK PIN function has been successfully performed on PIN.
Input:
  • PIN.
Output:
  • None.

11.1.12.2  Command parameters

| Code | Value |
|------|-------|
| CLA | As specified in clause 10.1.1 |
| INS | As specified in clause 10.1.2 |
| P1 | '00' |
| P2 | As specified for the VERIFY PIN command, see clause 11.1.9 |
| Lc | Length of the subsequent data = '08' |
| Data | PIN value |
| Le | Not present |

Command data:

| Byte(s) | Description | Length |
|---------|-------------|--------|
| 1 to 8 | PIN value | 8 |

11.1.13  UNBLOCK PIN

11.1.13.1  Functional description

11.1.13.1.1  PIN unblocking
This function is used to reset the PIN retry counter to its initial value and then to conditionally set a new PIN value. This function may be performed whether or not the relevant PIN is blocked (e.g. by 3 consecutive wrong PIN presentations). This unblocking process is subject to the following condition being fulfilled:
  • UNBLOCK PIN is not blocked.
If the UNBLOCK PIN presented is correct, the value of the PIN, presented together with the UNBLOCK PIN, is assigned to that PIN, the number of remaining UNBLOCK PIN attempts for that UNBLOCK PIN is reset to its initial value 10 and the number of remaining PIN attempts for that PIN is reset to its initial value 3. After a successful unblocking attempt the PIN is enabled and the relevant access condition level is satisfied. The new PIN value is available for all channels.
If the presented UNBLOCK PIN is false, the number of remaining UNBLOCK PIN attempts for that UNBLOCK PIN, regardless of the logical channel on which the UNBLOCK PIN command was issued, shall be decremented. The UICC shall return SW1 SW2 = '63C9', '63C8', …, '63C1' for up to the ninth consecutive false UNBLOCK PIN presentation, not necessarily in the same card session. After the tenth consecutive false UNBLOCK PIN presentation, not necessarily in the same card session, the respective UNBLOCK PIN shall be blocked and the UICC shall return SW1 SW2 = '63C0'. Any subsequent UNBLOCK PIN command applied to this blocked UNBLOCK PIN shall then return SW1 SW2 = '6983'. A false UNBLOCK PIN shall have no effect on the status of the respective PIN itself.
Input:
  • Indication PIN, the UNBLOCK PIN and the new PIN.
Output:
  • None.
11.1.13.1.2  UNBLOCK PIN retry counter
The UNBLOCK PIN command with empty data field is used to retrieve the UNBLOCK PIN retry counter from the UICC. This function may be performed whether or not the relevant PIN is blocked (e.g. by 3 consecutive wrong PIN presentations) and whether or not the UNBLOCK PIN is blocked.
The UNBLOCK PIN command is sent to the UICC with parameter P2 indicating the PIN for which the UNBLOCK PIN retry counter value is to be retrieved with an empty data field. The number of retries, if any, is indicated in the response by SW1 SW2 = '63CX', where X indicates the number of retries left.
An UNBLOCK PIN command with empty data field applied to a blocked UNBLOCK PIN shall return SW1 SW2 = '63C0' or SW1 SW2 = '6983'.
Input:
  • Empty.
Output:
  • None.

11.1.13.2  Void

11.1.13.3  Command parameters

| Code | Value |
|------|-------|
| CLA | As specified in clause 10.1.1 |
| INS | As specified in clause 10.1.2 |
| P1 | '00' |
| P2 | As specified for the VERIFY PIN command (see clause 11.1.9) |
| Lc | Empty or '10' |
| Data | Empty or UNBLOCK PIN value, new PIN value |
| Le | Not present |

Command data:

| Byte(s) | Description | Length |
|---------|-------------|--------|
| 1 to 8 | UNBLOCK PIN value | 8 |
| 9 to 16 | New PIN value | 8 |
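
The retry-counter behaviour of clauses 11.1.9.1 and 11.1.13.1 can be exercised with a small card-side model; this is an added example, not code from the specification or from any UICC implementation. `PinModel`, `present` and `demo` are hypothetical names, SW '9000' for success and the 'FF' padding of the sample PINs are assumptions not stated on this page, and the disabled-PIN state is not modelled.

```python
import hmac

PIN_TRIES, UNBLOCK_TRIES = 3, 10     # initial retry counter values from the text above
SW_OK, SW_BLOCKED = 0x9000, 0x6983   # '9000' (success) is assumed, not on this page


def present(left: int, match: bool, initial: int) -> tuple:
    """One presentation against a retry counter: returns (new_left, SW1 SW2)."""
    if left == 0:
        return 0, SW_BLOCKED  # already blocked, whatever value is presented
    if match:
        return initial, SW_OK  # a correct value resets the counter
    return left - 1, 0x63C0 | (left - 1)  # '63CX'; X = 0 on the blocking attempt


class PinModel:
    """Hypothetical card-side state; a real UICC keeps it across card sessions."""

    def __init__(self, pin: bytes, unblock_pin: bytes):
        self.pin, self.unblock_pin = pin, unblock_pin
        self.pin_left, self.unblock_left = PIN_TRIES, UNBLOCK_TRIES

    def verify(self, data: bytes = b"") -> int:
        if not data:  # empty data field: report the counter, change nothing
            return 0x63C0 | self.pin_left
        match = hmac.compare_digest(data, self.pin)  # constant-time comparison
        self.pin_left, sw = present(self.pin_left, match, PIN_TRIES)
        return sw

    def unblock(self, data: bytes = b"") -> int:
        if not data:
            return 0x63C0 | self.unblock_left
        match = hmac.compare_digest(data[:8], self.unblock_pin)
        self.unblock_left, sw = present(self.unblock_left, match, UNBLOCK_TRIES)
        if sw == SW_OK:  # only a correct UNBLOCK PIN touches the PIN itself
            self.pin, self.pin_left = data[8:16], PIN_TRIES
        return sw


def demo() -> list:
    """Constructed values; 'FF' padding of short PINs is an assumption."""
    bad, new = b"0000\xff\xff\xff\xff", b"4321\xff\xff\xff\xff"
    card = PinModel(b"1234\xff\xff\xff\xff", b"87654321")
    sws = [card.verify(bad) for _ in range(4)]        # three false PINs, then one more
    sws.append(card.verify(b"1234\xff\xff\xff\xff"))  # correct PIN, but already blocked
    sws.append(card.unblock(b"00000000" + new))       # false UNBLOCK PIN
    sws.append(card.unblock(b"87654321" + new))       # correct UNBLOCK PIN
    sws += [card.verify(), card.verify(new)]          # counter query, then the new PIN
    return [f"{sw:04X}" for sw in sws]
```

The same reset-or-decrement rule for the PIN counter is what the page describes for the PIN check in CHANGE PIN, DISABLE PIN and ENABLE PIN.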