The Use of CTQs and TTQs in NFC Transactions

Dear Readers,

In this blog we are going to learn about, EMV technology, governing both contact and NFC transactions, can often appear as an intricate and enigmatic system, leading to confusion and complications for card users and terminal operators when issues arise. This article aims to demystify a portion of this technology by delving into the mechanics of NFC (Near Field Communication) in a real-world context. Specifically, we will explore two essential sets of data elements and configurations: CTQ (Card Transaction Qualifiers) and TTQ (Terminal Transaction Qualifiers). These components play a crucial role in determining transaction behaviors at the Point of Sale (POS) and within the terminal environment, offering valuable insights into how EMV functions in practice.

The technology that lies behind EMV both contact and NFC transactions is to some extent a black box that just does what it does and when it doesn’t quite do what is expected this can cause confusion and problems for the users and operators of the cards and terminals. To fully cover all of the areas is far too much for this short article, you only have to look at the size of the EMV books to understand that fully. Therefore the aim of this article is to explain the way some of the NFC technology works in a live environment.

In this article we will look at two sets of data elements and settings used in an NFC transaction. These are the CTQ (Card Transaction Qualifiers) and the TTQ (Terminal Transaction Qualifiers). As always we will use the short abbreviations, just to confuse the un-imitated, the CTQ and the TTQ.

The CTQ on the card is set by the Card Issuer at the time of its issuance and determines what actions will take place at the Point of Sale (POS) when a transaction takes place. In this standard operating procedure across EMV the Card Issuer enforces his control at the POS based on the settings they code into the card and this is true of the CTQ as much as the other settings not being discussed.

CTQ Byte 1:

Bit Condition Description
8 True Online PIN Required
7 True Signature Required
6 True Go Online if Offline Data Authentication Fails and Reader is online capable.
5 True Switch Interface if Offline Data Authentication fails and Reader supports VIS.
4 True Go Online if Application Expired.
3 True Switch Interface for CashTransactions.
2 True Switch Interface for Cashback Transactions
CTQ Byte 2:

Bit Condition Description
8 True Consumer Device CVMPerformed.Note: Bit 8 is not used by cards compliant with VISA specification, and is commonly set to False.
7 True Card supports Issuer Update Processing at the POS.
The CTQ controls, by the settings of the various bits, the following areas of a transaction:

If the application has expired the setting of the CTQ will define whether the transactions will be sent online or will be declined immediately.
If a cash transaction is being performed the CTQ defines whether the transaction should be switched to become a contact transaction n or is to be declined.
If fDDA (authentication check) fails again the CTQ has three choices that it can send the transaction online, switch it to a contact transaction or decline it.
When a CTQ is not returned by the card to the terminal and the reader needs a CVM (from its TTQ) the reader will decide on using a signature, an online Pin or to decline the transaction, in that order.
When a CTQ is returned by the card to the reader it will decide on which CVM should or can be used in the order Online PIN or Signature.
The CTQ results are returned in both the authorisation and clearing messages and are part of the valuable source of data returned in every transaction. This data is of value to the card issuer as it helps define what is happening at the Point of Sale and can be used in the development of the way we work.

The TTQ on the terminal can be set to a default or can be set by the Merchant / Acquirer to suit their terminal installation. However where used the CTQ will override the TTQ.

TTQ Byte 1:

Bit Condition Description
8 True Contactless MSD supported
7 True Contactless VSDC supported
6 True Contactless qVSDC supported
5 True EMV contact chip supported
4 True Offline-only reader
3 True Online PIN supported
2 True Signature supported
1 True Offline Data Authentication (ODA) for Online Authorizations supported.
TTQ Byte 2:

Bit Condition Description
8 True Online cryptogram required
7 True CVM required
6 True (Contact Chip) Offline PIN supported
TTQ Byte 3:

Bit Condition Description
8 True Issuer Update Processing Supported
7 True Mobile functionality supported (Consumer Device CVM)
TTQ Byte 4: All RFU

The TTQ controls, by the settings of the various bits, the following areas of a transaction:

The TTQ define if qVSDC and / or MSD are supported by the reader. Only those supported can be used in a transaction. qVSDC is the Visa c=EMV based NFC card whist MSD is the Visa Magnetic stripe Data NFC card. MasterCard have similar solutions.
If the card is MSD only and supports Cryptogram Version No 17 and online cryptogram is required.
It defines if the terminal supports Issuer Update and online capability.
If qVSDC is used and the amount is zero the transaction must go online.
For different types of transactions such as Purchase, Purchase with Cashback and Cash transactions the TTQ defines what is supported.
In pre-processing the TTQ define if an NFC transaction is supported.
If it is supported it defines what is required, Online Cryptogram, Value greater than CVM Limit then CVM required.
The TTQ values used and set during the transaction are transient, they are reported in the authorisation and clearing messages, but have no affect on subsequent transactions, unlike some settings in the contact side of EMV that do have an effect on subsequent transactions.

Basically between their settings the CTQ and The TTQ define how a transaction will react to any transaction taking place and they define what is required and how a transaction will be completed.

This is a very short description of how CTQ and TTQ work but I hope it helps to start lifting the lid on the black box we call EMV.

About Ambimat Electronics:

With design experience of close to 4 decades of excellence, world-class talent, and innovative breakthroughs, Ambimat Electronics is a single-stop solution enabler to Leading PSUs, private sector companies, and start-ups to deliver design capabilities and develop manufacturing capabilities in various industries and markets. AmbiIoT design services have helped develop SmartwatchesSmart homesMedicalsRobotics, RetailPubs and brewerySecurity 

Ambimat Electronics has come a long way to become one of India’s leading IoT(Internet of things) product designers and manufacturers today. We present below some of our solutions that can be implemented and parameterized according to specific business needs. AmbiPay, AmbiPower, AmbiCon, AmbiSecure, AmbiSense, AmbiAutomation.

To know more about us or what Ambimat does, we invite you to follow us on LinkedIn or visit our website.

Think You’re Ready for EMV? 10 Steps To Implementing Chip Tech
Tools for Payment Device Integration: Encrypt/Decrypt Tool