Ambimat GroupAmbimatAmbiSecureeSIM InitiativeEngineering BlogAhmedabad · India · Est. 1981
ASAmbiSecureHardware-rooted security
Contact
Smart-card reference

ISO/IEC 7816 Quick Reference

A condensed, bookmark-friendly view of the parts of ISO/IEC 7816 you reach for most often: APDU structure, common INS bytes, file/record types, and the secure-messaging bits in CLA.

ReferenceISO/IEC 7816-4 / -8 / -9

APDU shape

A command APDU is a 4-byte header — CLA, INS, P1, P2 — plus optional Lc + data + Le.

CaseShapeMeaning
1CLA INS P1 P2No data, no response body.
2CLA INS P1 P2 LeNo data, expecting Le bytes.
3CLA INS P1 P2 Lc DataSending data, no body expected.
4CLA INS P1 P2 Lc Data LeBoth directions.

Extended-length APDUs prefix Lc and Le with a 0x00 byte and use 2-byte values, allowing up to 65535 bytes per direction. Negotiated via T0 historical bytes / SELECT response.

CLA bits

BitsMeaning
b8..b5 = 0000Inter-industry, ISO 7816-4.
b8 = 1Proprietary range (e.g. 0x80–0xBF — GlobalPlatform uses 0x80).
b4..b3 = 00No secure messaging.
b4..b3 = 10Secure messaging — header authenticated.
b4..b3 = 11Secure messaging — full (cmd + body).
b2..b1Logical channel (0–3).

Common INS bytes

INSName
20VERIFY (PIN/CHV)
22MANAGE SECURITY ENVIRONMENT
24CHANGE REFERENCE DATA
2APERFORM SECURITY OPERATION
2CRESET RETRY COUNTER
46GENERATE ASYMMETRIC KEY PAIR
70MANAGE CHANNEL
82EXTERNAL AUTHENTICATE
84GET CHALLENGE
86GENERAL AUTHENTICATE
88INTERNAL AUTHENTICATE
A4SELECT (FILE / AID)
B0READ BINARY
B2READ RECORD
C0GET RESPONSE
CAGET DATA
D0WRITE BINARY
D2WRITE RECORD
D6UPDATE BINARY
DAPUT DATA
DCUPDATE RECORD
E0CREATE FILE
E2APPEND RECORD
E4DELETE FILE / DELETE (GP)
E6TERMINATE DF / INSTALL (GP)
E8TERMINATE EF / LOAD (GP)
F2STATUS / GET STATUS (GP)
Static reference — no input leaves your browser.

Standards in this family

ISO/IEC 7816 has 15+ parts; the ones smart-card developers reach for most: -3 (electrical, ATR), -4 (organisation, security, commands), -8 (commands for security operations), -9 (commands for card management), -15 (cryptographic information application).

Spec

ISO 7816-4 (the one to read first).

Companion tool

Decode an APDU you have on hand.

APDU parser →

Pillar post

A practical introduction with examples.

APDU from first principles →