Tools

TLV Parser

Parse EMV Tag-Length-Value data structures.

What is TLV (Tag-Length-Value)?

TLV (Tag-Length-Value) is the binary data-encoding scheme that powers EMV chip card communication, ISO 7816 smart cards, and the vast majority of contactless payment protocols. Each data element is encoded as three back-to-back fields: a Tag identifying the semantic meaning of the data, a Length specifying how many bytes the value occupies, and the Value containing the actual bytes. This format is self-describing and extensible — a parser that does not recognize a tag can still skip it cleanly using the Length field. The EMV specifications (originally Europay, Mastercard, Visa; now maintained by EMVCo with American Express, Discover, JCB, UnionPay) define hundreds of tags spanning card authentication, transaction processing, terminal risk management, and issuer-to-card script commands. Tags fall into two classes: primitive tags carry raw data directly (e.g., tag 5A is the Application PAN), while constructed tags are containers whose value field is itself a sequence of nested TLV objects (e.g., tag 70 is the Application Proprietary Template that wraps several primitives). Tags can be one or two bytes; lengths can be one byte (≤127) or use BER encoding for longer values. Our parser handles all variants automatically and resolves tag names from the full EMV tag dictionary.

How to Use This Tool

  1. Paste EMV TLV hex data from a card reader, transaction log, EMV script, or HSM response.
  2. The parser identifies each tag using the comprehensive EMV tag dictionary (EMV Book 3 + scheme-specific extensions).
  3. Nested (constructed) tags are automatically expanded to show their child elements in a tree view.
  4. View tag names, descriptions, lengths, and raw HEX values side-by-side for each element.
  5. Click any tag to copy its raw value for use in HSM commands or test fixtures.
  6. Use the parser output as documentation when filing certification evidence with payment networks.

Common Use Cases

  • Parsing EMV chip card responses from SELECT, GET PROCESSING OPTIONS, READ RECORD, and GENERATE AC commands.
  • Decoding Application Cryptograms (ARQC, TC, AAC) and the related Cryptogram Information Data (CID) byte.
  • Analyzing TLV captured from EMV contactless flows (Visa qVSDC, Mastercard PayPass, AMEX ExpressPay).
  • Verifying EMV script commands (PUT DATA, APPLICATION BLOCK, UNBLOCK PIN) before personalization.
  • Debugging Track 2 Equivalent Data (tag 57) and Application PAN (tag 5A) extraction in acquirer integrations.
  • Reading issuer scripts returned from authorization hosts (tag 71 / 72) to confirm card-management updates.
  • Validating TLV produced by HSM Thales payShield commands (HC, GE, IE) during testing.
  • Educating new EMV engineers on tag semantics and constructed-vs-primitive distinctions.

Frequently Asked Questions

What are constructed vs. primitive tags?
Primitive tags contain actual data values (like a card number or cryptogram). Constructed tags are containers that hold other TLV objects nested inside. You identify constructed tags by bit 6 (the second-highest bit) of the first tag byte being set to 1. Example: tag 70 (EMV Proprietary Template) is constructed and contains multiple primitive tags such as 5F20 (Cardholder Name) and 57 (Track 2 Equivalent Data).
How do I read multi-byte EMV tags?
If bits 1-5 of the first tag byte are all 1s (lower nibble = 1F), the tag continues to one or more subsequent bytes. Each continuation byte has bit 8 (the highest bit) set to 1 when more bytes follow, and cleared to 0 on the final byte. For example, 9F26 is a two-byte tag because 9F has its low five bits all set. The parser handles all these BER-TLV continuation rules automatically.
What are the most important EMV tags?
For online authorization: 9F26 (Application Cryptogram / ARQC), 9F27 (Cryptogram Information Data), 9F10 (Issuer Application Data), 9F36 (Application Transaction Counter, ATC), 9F37 (Unpredictable Number), 5A (Application PAN), 5F34 (PAN Sequence Number), 9F02 (Amount Authorized), 9F03 (Amount Other), 9F1A (Terminal Country Code), 95 (Terminal Verification Results, TVR), and 9B (Transaction Status Information, TSI). These are the inputs to ARQC computation.
How is TLV length encoded for values longer than 127 bytes?
Lengths from 0 to 127 use a single byte. For longer values, the first length byte has bit 8 set to 1 and the remaining bits indicate how many subsequent bytes encode the actual length: 81 XX means a 1-byte length follows (128-255), 82 XX XX means a 2-byte length (256-65535), and so on. This is standard BER (Basic Encoding Rules) length encoding from ASN.1.
What is the difference between BER-TLV and SIMPLE-TLV?
BER-TLV (the EMV default) supports multi-byte tags, multi-byte lengths, and constructed tags. SIMPLE-TLV is a single-byte-tag, single-byte-length variant used in some ISO 7816 contexts and proprietary card commands. EMV always uses BER-TLV; you only encounter SIMPLE-TLV in older smart card schemes or specific PIV/CAC card commands.
How do I verify an ARQC from parsed TLV data?
After parsing, you have all the inputs: the cryptogram itself (9F26), the CDOL1 data elements that fed into it (amounts, terminal data, ATC, unpredictable number), and the Application Cryptogram Master Key derived from the Issuer Master Key (IMK) + PAN + PSN. Use our HSM Simulator (FA / VA command) or any EMV ARQC test tool with the parsed values to recompute and compare.

More Tools

Data Converter

Convert data between HEX, ASCII, Binary, Decimal, and Base64.

PIN Block

Calculate and reverse ISO 9564 Format 0 PIN Blocks.

LUHN Validator

Validate and generate numbers using the Luhn algorithm.

XOR Calculator

XOR two hexadecimal strings together.