diff --git a/client/emv/cmdemv.c b/client/emv/cmdemv.c
index 7d5b1df0..b5d6d1e3 100644
--- a/client/emv/cmdemv.c
+++ b/client/emv/cmdemv.c
@@ -565,6 +565,39 @@ int CmdHFEMVInternalAuthenticate(const char *cmd) {
 
 #define dreturn(n) {free(pdol_data_tlv);tlvdb_free(tlvSelect);tlvdb_free(tlvRoot);DropField();return n;}
 
+void InitTransactionParameters(struct tlvdb *tlvRoot, bool paramLoadJSON, enum TransactionType TrType, bool GenACGPO) {
+	
+	ParamLoadDefaults(tlvRoot);
+
+	if (paramLoadJSON) {
+		PrintAndLog("* * Transaction parameters loading from JSON...");
+		ParamLoadFromJson(tlvRoot);
+	}
+	
+	//9F66:(Terminal Transaction Qualifiers (TTQ)) len:4
+	char *qVSDC = "\x26\x00\x00\x00";
+	if (GenACGPO) {
+		qVSDC = "\x26\x80\x00\x00";
+	}
+	switch(TrType) {
+		case TT_MSD:
+			TLV_ADD(0x9F66, "\x86\x00\x00\x00"); // MSD
+			break;
+		// not standard for contactless. just for test.
+		case TT_VSDC:  
+			TLV_ADD(0x9F66, "\x46\x00\x00\x00"); // VSDC
+			break;
+		case TT_QVSDCMCHIP:
+			TLV_ADD(0x9F66, qVSDC); // qVSDC
+			break;
+		case TT_CDA:
+			TLV_ADD(0x9F66, qVSDC); // qVSDC (VISA CDA not enabled)
+			break;
+		default:
+			break;
+	}
+}
+
 int CmdHFEMVExec(const char *cmd) {
 	uint8_t buf[APDU_RES_LEN] = {0};
 	size_t len = 0;
@@ -677,37 +710,7 @@ int CmdHFEMVExec(const char *cmd) {
 	PrintAndLog("* Selected.");
 	
 	PrintAndLog("\n* Init transaction parameters.");
-
-	ParamLoadDefaults(tlvRoot);
-
-	if (paramLoadJSON) {
-		PrintAndLog("* * Transaction parameters loading from JSON...");
-		ParamLoadFromJson(tlvRoot);
-	}
-	
-	//9F66:(Terminal Transaction Qualifiers (TTQ)) len:4
-	char *qVSDC = "\x26\x00\x00\x00";
-	if (GenACGPO) {
-		qVSDC = "\x26\x80\x00\x00";
-	}
-	switch(TrType) {
-		case TT_MSD:
-			TLV_ADD(0x9F66, "\x86\x00\x00\x00"); // MSD
-			break;
-		// not standard for contactless. just for test.
-		case TT_VSDC:  
-			TLV_ADD(0x9F66, "\x46\x00\x00\x00"); // VSDC
-			break;
-		case TT_QVSDCMCHIP:
-			TLV_ADD(0x9F66, qVSDC); // qVSDC
-			break;
-		case TT_CDA:
-			TLV_ADD(0x9F66, qVSDC); // qVSDC (VISA CDA not enabled)
-			break;
-		default:
-			break;
-	}
-	
+	InitTransactionParameters(tlvRoot, paramLoadJSON, TrType, GenACGPO);
 	TLVPrintFromTLV(tlvRoot); // TODO delete!!!
 	
 	PrintAndLog("\n* Calc PDOL.");
@@ -1236,36 +1239,7 @@ int CmdHFEMVScan(const char *cmd) {
 
 	// create transaction parameters
 	PrintAndLog("-->Init transaction parameters.");
-
-	ParamLoadDefaults(tlvRoot);
-
-	if (paramLoadJSON) {
-		PrintAndLog("-->Transaction parameters loading from JSON...");
-		ParamLoadFromJson(tlvRoot);
-	}
-	
-	//9F66:(Terminal Transaction Qualifiers (TTQ)) len:4
-	char *qVSDC = "\x26\x00\x00\x00";
-	if (GenACGPO) {
-		qVSDC = "\x26\x80\x00\x00";
-	}
-	switch(TrType) {
-		case TT_MSD:
-			TLV_ADD(0x9F66, "\x86\x00\x00\x00"); // MSD
-			break;
-		// not standard for contactless. just for test.
-		case TT_VSDC:  
-			TLV_ADD(0x9F66, "\x46\x00\x00\x00"); // VSDC
-			break;
-		case TT_QVSDCMCHIP:
-			TLV_ADD(0x9F66, qVSDC); // qVSDC
-			break;
-		case TT_CDA:
-			TLV_ADD(0x9F66, qVSDC); // qVSDC (VISA CDA not enabled)
-			break;
-		default:
-			break;
-	}
+	InitTransactionParameters(tlvRoot, paramLoadJSON, TrType, GenACGPO);
 	
 	PrintAndLog("-->Calc PDOL.");
 	struct tlv *pdol_data_tlv = dol_process(tlvdb_get(tlvRoot, 0x9f38, NULL), tlvRoot, 0x83);
@@ -1367,7 +1341,11 @@ int CmdHFEMVScan(const char *cmd) {
 		}
 		
 		break;
-	}	
+	}
+	
+	// getting certificates
+	PrintAndLog("-->Recovering certificates.");
+	RecoveryCertificates(tlvRoot, root);
 	
 	// DropField
 	DropField();
diff --git a/client/emv/emvcore.c b/client/emv/emvcore.c
index 36f6f8eb..8d85ae14 100644
--- a/client/emv/emvcore.c
+++ b/client/emv/emvcore.c
@@ -9,6 +9,7 @@
 //-----------------------------------------------------------------------------
 
 #include "emvcore.h"
+#include "emvjson.h"
 
 // Got from here. Thanks)
 // https://eftlab.co.uk/index.php/site-map/knowledge-base/211-emv-aid-rid-pix
@@ -849,3 +850,59 @@ int trCDA(struct tlvdb *tlv, struct tlvdb *ac_tlv, struct tlv *pdol_data_tlv, st
 	emv_pk_free(icc_pk);
 	return 0;
 }
+
+int RecoveryCertificates(struct tlvdb *tlvRoot, json_t *root) {
+	
+	struct emv_pk *pk = get_ca_pk(tlvRoot);
+	if (!pk) {
+		PrintAndLog("ERROR: Key not found. Exit.");
+		return 1;
+	}
+
+	struct emv_pk *issuer_pk = emv_pki_recover_issuer_cert(pk, tlvRoot);
+	if (!issuer_pk) {
+		emv_pk_free(pk);
+		PrintAndLog("ERROR: Issuer certificate not found. Exit.");
+		return 2;
+	}
+	PrintAndLog("Issuer PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx",
+			issuer_pk->rid[0],
+			issuer_pk->rid[1],
+			issuer_pk->rid[2],
+			issuer_pk->rid[3],
+			issuer_pk->rid[4],
+			issuer_pk->index,
+			issuer_pk->serial[0],
+			issuer_pk->serial[1],
+			issuer_pk->serial[2]
+			);
+
+	char *issuer_pk_c = emv_pk_dump_pk(issuer_pk);
+	JsonSaveStr(root, "$.ApplicationData.IssuerPublicKeyDec", issuer_pk_c);
+	JsonSaveBufAsHex(root, "$.ApplicationData.IssuerPublicKeyModulus", issuer_pk->modulus, issuer_pk->mlen);
+	free(issuer_pk_c);
+
+	struct emv_pk *icc_pk = emv_pki_recover_icc_cert(issuer_pk, tlvRoot, NULL);
+	if (!icc_pk) {
+		emv_pk_free(pk);
+		emv_pk_free(issuer_pk);
+		PrintAndLog("ERROR: ICC setrificate not found. Exit.");
+		return 2;
+	}
+	printf("ICC PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx\n",
+			icc_pk->rid[0],
+			icc_pk->rid[1],
+			icc_pk->rid[2],
+			icc_pk->rid[3],
+			icc_pk->rid[4],
+			icc_pk->index,
+			icc_pk->serial[0],
+			icc_pk->serial[1],
+			icc_pk->serial[2]
+			);
+	
+	char *icc_pk_c = emv_pk_dump_pk(icc_pk);
+	JsonSaveStr(root, "$.ApplicationData.ICCPublicKeyDec", icc_pk_c);
+	JsonSaveBufAsHex(root, "$.ApplicationData.ICCPublicKeyModulus", icc_pk->modulus, icc_pk->mlen);
+	free(issuer_pk_c);
+}
diff --git a/client/emv/emvcore.h b/client/emv/emvcore.h
index 94be4fcf..0041ec30 100644
--- a/client/emv/emvcore.h
+++ b/client/emv/emvcore.h
@@ -16,6 +16,7 @@
 #include <stdlib.h>
 #include <inttypes.h>
 #include <string.h>
+#include <jansson.h>
 #include "util.h"
 #include "common.h"
 #include "ui.h"
@@ -90,6 +91,8 @@ extern int trSDA(struct tlvdb *tlv);
 extern int trDDA(bool decodeTLV, struct tlvdb *tlv);
 extern int trCDA(struct tlvdb *tlv, struct tlvdb *ac_tlv, struct tlv *pdol_data_tlv, struct tlv *ac_data_tlv);
 
+extern int RecoveryCertificates(struct tlvdb *tlvRoot, json_t *root);
+
 #endif
 
 
diff --git a/client/emv/emvjson.h b/client/emv/emvjson.h
index 2d08e270..a518d7b9 100644
--- a/client/emv/emvjson.h
+++ b/client/emv/emvjson.h
@@ -30,4 +30,6 @@ extern int JsonSaveTLVTreeElm(json_t *elm, char *path, struct tlvdb *tlvdbelm, b
 
 extern int JsonSaveTLVTree(json_t *root, json_t *elm, char *path, struct tlvdb *tlvdbelm);
 
+extern bool ParamLoadFromJson(struct tlvdb *tlv);
+
 #endif
\ No newline at end of file