DDA on EMV cards offers best-in-class security to reduce fraud

As the adoption of the EMV standard is spreading worldwide, many card issuers are considering which type of authentication method to implement.

​EMV chips can perform SDA (Static Data Authentication), DDA (Dynamic Data Authentication), or CDA (Combined Data Authentication). Because of its effectiveness at fighting counterfeit fraud, DDA has become the industry standard all over the world.

How does DDA work?

DDA authentication is based on public-key cryptography, typically RSA cryptography.  Each card contains a unique public and private key pair that is used during authentication.  When prompted by the terminal, the card uses one key to generate a valid cryptographic code that is sent back to the terminal.  This code is unique to that transaction and proves that the card is genuine.  The terminal uses the second key to validate the code returned by the card.

What does it take to go DDA? 

The move from SDA to DDA requires a chip with a cryptographic coprocessor. This type of processor is necessary to perform the cryptographic calculations that allow a DDA card to generate the unique codes necessary for its trademark authentication process.

The impact on card personalization is that an additional key pair is generated per card, as well as an additional certificate.

​Gemalto can lend expertise in DDA implementation

The advantage of working with the market leader is that new customers benefit from the lessons learned from previous migration programs. Having partnered with many of the world’s leading card issuers, we have gained expertise from the many DDA implementations we have helped to navigate. Each country has a different approach to its migration program and unique challenges that have brought to light important considerations for your any program.