EXT0007: Sensitive Information Check
- Extension dependencies: none
- Document status: Approved (2020-02-01)
This extension validates a value known to the server for the client (e.g., a password). Returns boolean—valid or not. No device state changes occur.
Useful when application and device trust each other but application doesn’t trust user. Example: user proves physical possession of device by entering a code displayed on device.
No brute-force protection needed on device side due to state immutability requirement.
Commands
Section titled “Commands”0011 Confirm Value Correctness
Section titled “0011 Confirm Value Correctness”Request:
<TID> 3900 <LEN> 0011 <KIND> <VALUE>Response:
<TID> 3900 0003 0011 <RESULT>| Field | Length | Description |
|---|---|---|
KIND | 2 bytes | Value type (implementation-specific) |
VALUE | variable | Value to check |
RESULT | 1 byte | 1=correct, 0=incorrect |
Errors:
| Code | Description |
|---|---|
0010 | Invalid KIND |