Reading EMV card's serial number

Question

I am trying to read an EMV card. As specified for EMV cards, a tag called "9F1E", holds a permanent serial number specified by the issuer (see https://www.eftlab.co.uk/index.php/site-map/knowledge-base/145-emv-nfc-tags).

However, I could not retrieve this tag. I looped through all the records of all SFIs. Is there any way to ask for a specific EMV tag?

Answer 1

The value 91FE is not a valid BER-TLV tag, so you probably meant 9F1E (which is the only tag in that list with a description that contains the text "serial number"). (OP corrected this. This indeed meant to be 9F1E.)

The tag 9F1E is described as "Interface Device (IFD) Serial Number, Unique and permanent serial number assigned to the IFD by the manufacturer". Hence, this is a tag used within the terminal (i.e. the smartcard reader side, also called the "interface device"). This tag is not present within any card. Consequently, you cannot retrieve it from a card.

When you are looking for a value contained within a specific data object, the proper way would be to read all records from the card until you find the data object tag. Some cards also support the GET DATA command to query for specific tags in certain situations. That GET DATA command would look like this:

80 CA P1 P2 00

Where P1 contains the first byte of the tag (or 00 if the tag consists of only one byte) and P2 contains the second byte of the tag (or the only byte if the tag consists of only one byte).

In order to identify (do not mix this with authenticate!) the card holder or the card itself, EMV provides other ways:

There is the primary account number (PAN) and the PAN sequence number. The PAN usually identifies the card holder's payment account. If the card holder gets a new replacement card from the bank (e.g. because the old card expires), the PAN usually stays the same for the new card (exceptions may exist). Similarly, the PAN sequence number stays the same for a card and all follow-up cards (i.e. those issued due to exipry of the older card). Consequently, the combination of PAN and PAN sequence number could, at best, be used to identify the card holder.

The closest thing to a card serial number (i.e. something that identifies one specific card) that you can get from a card is the ICC (Integrated Circuit Card) public key (see tags 9F46, 9F47, and 9F48). This is the public part of the asymmetric key pair of the smartcard. While, in theory, an issuer could reuse even this key pair for multiple cards, I would assume that card issuers issue a fresh key pair for every new card for security reasons.