Getting Started 
The sequence to follow to start working with switstack moka depends on the type of project to be implemented. But whatever the project, it is recommended to take a look at 2 important resources:
- Business requirements: see Requirements.
- Architecture: see Architecture.
You can also visit this section to know which kernels are currently supported: see ICS.
These 3 sections present the context and the hypothesis required to understand what is switstack moka and how it fits in an in-store payment ecosystem.
Playing with the code
Playing with the code is probably the best way to apprehend switstack moka:
- Get the code;
- Compile it;
- Perform transactions;
There are 2 modes available to perform transactions: - You may use moka in a virutal mode requiring virtual cards. This is the mode that is used to automate EMV tests and to emulate accredited testing tools. - You may use moka in a PCSC mopde requiring actual cards. This is the mode that was used to qualify the stack against the different test plans implemented for certification sessions.
Virtual terminal
This mode can be used to replay transactions based on APDU logs.
Warning
If you want to replay a transaction, set following TRD tags as followed: 9f 37 04 xx xx xx xx aligned on your transction to replay 9a 03 xx xx xx aligned on your transaction to replay
| Steps | Description | Command |
|---|---|---|
| #1 | Contact switstack to open a github account (see switstack). | n/a |
| #2 | Clone the repository. | git clone repository_reference |
| #3 | Make the build for virtual mode. | cmake -B build -S . -D CMAKE_BUILD_TYPE=Debug -D CMAKE_TOOLCHAIN_FILE=./external/cmake-toolchains/cmake/toolchains/gcc_linux-x86_64.toolchain.cmake -D MOKA_BUILD_TESTS=ON -D MOKA_BUILD_TEST_APP=ON -D MOKA_TRACE_CERTIF=ON -D MOKA_HAL=VEP-L -DSWITSTACK_VERSION="1.0.0" |
| #4 | Compile the code. | cmake --build ./build |
| #5 | Perform unit test. | ./build/test/moka_test |
| #6 | Execute the code. | ./build/apps/moka/moka -f mchip1.txt -t trd_00_15_00.txt -k mastercard.txt -r mastercard.txt -c card_name.txt |
PCSC-based terminal
This mode can be used for qualification with accredited tools, or with actual card.
Warning
Actual cards coming from production use specific certificates that are not provided by switstack.
| Steps | Description | Command |
|---|---|---|
| #1 | Contact switstack to open a github account (see switstack). | n/a |
| #2 | Clone the repository. | git clone repository_reference |
| #3 | Make the build for PCSC mode. | cmake -B build -S . -D CMAKE_BUILD_TYPE=Debug -D CMAKE_TOOLCHAIN_FILE=./external/cmake-toolchains/cmake/toolchains/gcc_linux-x86_64.toolchain.cmake -D MOKA_BUILD_TESTS=ON -D MOKA_BUILD_TEST_APP=ON -D MOKA_TRACE_CERTIF=ON -D MOKA_HAL=PCSC -DSWITSTACK_VERSION="1.0.0" -DMOKA_MASTERCARD_MAGSTRIPE=OFF |
| #4 | Compile the code. | cmake --build ./build |
| #5 | Execute the code. | ./build/apps/moka/moka -f mchip1.txt -t trd_00_15_00.txt -k mastercard.txt -r mastercard.txt |
Using switstack moka in your project
Once you have a good understanding of what switstack moka is, how it works, and what its boundaries are, you can start architeturing your solution based on your business requirements.
There are different approaches to work with switstack moka:
1. You are developing a COTS system and want to leverage on existing Letters of Compliance (LoC);
2. You are developing a PCI-PTS or COTS system and you want to port switstack moka;
Leveraging existing LoC
In the context of COTS projects, it is possible to own EMV Level 2 stacks that have been certified by a provider. You integrate a SDK along with the kernels of your choice (Mastercard, Visa, Amex, Discover, etc...). You build your payment solution without the need to perform any EMV Level 2 certifications. The benefits to use switstack moka are:
| Benefits | Included | Description |
|---|---|---|
| Code Availability |  |
The license includes an access to the code repository (see terms and conditions) |
| Test Automation |  |
EMV Level 2 qualifications against official test plans are fully automated and may be integrated into CI/CD pilelines. This requires a specific service subscription (swittest) |
| Compliance | |
The license includes LoC and MPoC accreditation (see terms and conditions) |
| Maintenance | |
Specifications and test plans updates may lead to the modification of the stack. Systematic updates require a specific service subscription |
| Unified API | |
COST and PCI-PTS system running moka expose the same EMV Level 2 API to be integrated by payment applications |
Porting switstack moka
You may want to take full control of the EMV Level 2 stack, and be granted with your own EMV Level 2 certificates.
If you are running a COTS project, this is achieved with minimum efforts because the EMV Level 2 has already been certified by switstack: 1. Get the code from switstack repository; 2. Target your COTS device using your parameters (kernels and ICS); 3. Qualify the stack; 4. Certify the stack at the lab of your choice;
If you are running a PCI-PTS project, you have to port the stack onto a new hardware platform. Before being able to run it on your device, it is required to adapt low level calls to the API services exposed by your firmware. It means that all the HAL layer must be overwriten so existing implementations (PCSC, and virtual cards) will be replaced with actual platform calls to support: - card polling - apdu exchanges - random number generation - crypto routines such as rsa, sha, ... - led displays - message displays - bip
It is a straight forward task.