Updates in June 2017: For more details on updates to EMVLab, including HTTPS and better handling of 3-byte and unknown tags see my blog post.
This application derives session keys from the card master key,
following the algorithm described in EMV 4.1, Book 2, Part
III, Annex A1.3. Optionally it can generate application
cryptograms (ARQC, TC, AAC, AAR), when given the input the the
https://emvlab.org/ – the one stop site for payment system researchers and practitioners – © 2009–2019
This site is run by Steven Murdoch and hosted by the Information Security Group at University College London. More details about the work we are doing can be found on our information security research blog: Bentham’s Gaze.
EMV® is a registered trademark of EMVCo LLC. This site and its operators are not affiliated or associated with or endorsed by EMVCo. All other trademarks and registered trademarks are the property of their respective owners.