diff --git a/commands.go b/commands.go
index 0a3fe19..c986f9e 100644
--- a/commands.go
+++ b/commands.go
@@ -345,7 +345,7 @@ func NewCommandGetData(typ uint8) *apdu.Command {
 		InsGetData,
 		typ,
 		0,
-		[]byte{0xCA},
+		[]byte{},
 	)
 }
 
diff --git a/secure_channel.go b/secure_channel.go
index d886b18..d0f2566 100644
--- a/secure_channel.go
+++ b/secure_channel.go
@@ -92,18 +92,18 @@ func (sc *SecureChannel) Send(cmd *apdu.Command) (*apdu.Response, error) {
 		return nil, err
 	}
 
-	if resp.Sw != globalplatform.SwOK {
-		return nil, apdu.NewErrBadResponse(resp.Sw, "unexpected sw in secure channel")
-	}
-
-	var plainData []byte
-
 	if sc.open {
+		if resp.Sw != globalplatform.SwOK {
+			return nil, apdu.NewErrBadResponse(resp.Sw, "unexpected sw in secure channel")
+		}
+
 		rmeta := []byte{byte(len(resp.Data)), 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
 		rmac := resp.Data[:len(sc.iv)]
 		rdata := resp.Data[len(sc.iv):]
 
-		if plainData, err = crypto.DecryptData(rdata, sc.encKey, sc.iv); err != nil {
+		plainData, err := crypto.DecryptData(rdata, sc.encKey, sc.iv)
+
+		if err != nil {
 			return nil, err
 		}
 
@@ -116,11 +116,11 @@ func (sc *SecureChannel) Send(cmd *apdu.Command) (*apdu.Response, error) {
 		}
 
 		logger.Debug("apdu response decrypted", "hex", hexutils.BytesToHexWithSpaces(plainData))
+		return apdu.ParseResponse(plainData)
 	} else {
-		plainData = resp.Data
+		return resp, nil
 	}
 
-	return apdu.ParseResponse(plainData)
 }
 
 func (sc *SecureChannel) updateIV(meta, data []byte) error {