One more thing, if you send init update, get a valid response, and you are able to compute the cryptograms, you shall send it to the card in ext auth to avoid incrementing the security counter, even if the client side authentication fails for additional reasons.
Sébastien Lorquet Le 20/09/2013 16:47, landyman70 a écrit : > true. when I get the init update, I then do some client side authentication > and do a comparison of the card challenge, and as they don't match, I do not > proceed to the ext auth with the card. > Should I there fore just press on, knowing that the ext auth will fail? > > > > -- > View this message in context: > http://musclecard.996296.n3.nabble.com/GP-2-2-INITIALIZE-UPDATE-0x50-oddness-tp5042p5062.html > Sent from the MuscleCard mailing list archive at Nabble.com. > > _______________________________________________ > Muscle mailing list > [email protected] > http://lists.musclecard.com/mailman/listinfo/muscle_lists.musclecard.com > _______________________________________________ Muscle mailing list [email protected] http://lists.musclecard.com/mailman/listinfo/muscle_lists.musclecard.com
