Static Data Authentication(DDA) is an authentication method for smart cards and credit cards that is designed to protect against misuse. The SDA procedure works with fixed card data and RSA encryption.
The SDA procedurechecks that the card data signed by a certification authority has not changed since it was issued. It is a static procedure where the cryptogram signed with a private RSA key of the issuer is permanently stored on the chip. During a transaction, the payment card sends this cryptogram, the digital certificate and the identification of the certification authority.
The procedure is relatively secure and provides sufficient protection against misuse. However, there is the possibility of cloning. In this case, an attacker can record card sessions and use the data to create a virtual cash card.
In addition to the SDA procedure with static data authentication, there is also the dynamic procedure Dynamic Data Authentication (DDA) and the combined procedure Combined Data Authentication( CDA).