Add to collection(s) Add to saved
  1. Business
  2. Management

Mark Hartley EMVCo - Digital Money Forum

advertisement 
EMVCo –
Advancing Chip Standards for
the Global Payments Industry
Mark Hartley, EMVCo Board of Managers Representative
March 2011
Agenda
• Introduction to EMVCo
• EMV® Today
• EMV’s Global Reach
• 2011 Priorities
• Common Contactless Acceptance Infrastructure
• Mobile Payments
• New Participation Structure
• Conclusion
Copyright © 2011 EMVCo
2
EMVCo Overview
Copyright © 2011 EMVCo
3
Introduction to EMVCo
Technical standards body managing and enhancing the EMV
Specification to meet the needs of stakeholders.
Copyright © 2011 EMVCo
4
Scope and Participation
EMVCo’s scope and participation have evolved over time in response
to emerging payment, technology and industry needs.
Scope
EMV
Spec
Europay,
MCW &
Visa
Terminal Type
Approval
Process
Board of
Advisors
Interoperability
Management
Working
Groups
Expanded
JCB
Joins
CCD/CPA
Specs & Card
Type Approval
Contactless
& Mobile
Task Forces
American
Express
Joins
Contactless
& Mobile
Next?
Expanded
Industry
Participation
Next?
Participation
Copyright © 2011 EMVCo
5
EMVCo’s Global Reach
Copyright © 2011 EMVCo
6
Global Deployment
Copyright © 2011 EMVCo
7
EMVCo Structure & Stakeholders – 2011
Business Focus
Technical and
Operations Focus
Executive Committee
Board of Managers
Secretariats
Board of Advisors
Business Associates
Working Groups
Technical Associates
Subscribers
Task Forces
Copyright © 2011 EMVCo
Terminal
Approval
Mobile
Payments
Security
Evaluation
Contactless
Interoperability
Security
Card
Approval
Card and
Terminal
8
EMVCo’s 2011 Priorities
EMVCo continues its work towards a common
contactless acceptance infrastructure for payments
globally.
EMVCo’s cross-industry collaboration advances
contactless mobile payments standardisation.
New EMVCo participation structure encourages
broadening of industry engagement.
Copyright © 2011 EMVCo
9
Contactless Acceptance
Copyright © 2011 EMVCo
10
Contactless Acceptance – Background
• As the technology evolved, significant investments were
made in deployment of different contactless solutions, which
now enjoy a large installed base of cards and terminals.
• To broaden and accelerate the deployment of contactless
payment, EMVCo can help further by standardising the
existing contactless acceptance infrastructure and
streamlining the contactless type approval processes.
• The Entry Point design allows for the accommodation of
regional solutions and the gradual migration to a common
acceptance kernel.
Copyright © 2011 EMVCo
11
Contactless Acceptance – Status
• Phased Implementation
Phase One
Focusing on streamlining existing licensing and
contactless type approval and building a
framework for future development.
Phase Two
Building a contactless online-only kernel.
Phase Three
Continuing the development with offline market
requirements and incorporating new
cryptography standards.
See General Bulletin #43 at www.emvco.com for further details.
Copyright © 2011 EMVCo
12
Contactless Acceptance – Current Roadmap
Past
Accomplishments
Oct
2009
2010
2011
2012
2013+
Phase One:
Streamline existing
licensing and approval
Entry Point,
Contactless
Communication
Phase Two:
Common Online Kernel
Protocol
Phase Three:
Common On/Offline ECC
Kernel
Copyright © 2011 EMVCo
13
Mobile Payments
Copyright © 2011 EMVCo
14
Mobile Payments – Background
• The future growth of contactless mobile payments technology, and
its viability as a sustainable, global, mass market payment method,
relies on the existence of a standardised technical infrastructure.
• Inter-industry cooperation is essential to avoid a fragmented
approach to standardisation and the resulting limitations that this
would bring.
• EMVCo is tackling the technical challenges in contactless mobile
payments (CMP) and aligning with the traditional charter to deliver
payment specifications, testing and type approval processes that
ensure security and interoperability between ‘payment instruments’
(whether plastic cards or mobile devices) and terminals.
Copyright © 2011 EMVCo
15
MPWG Guiding Principles
• User Choice
– End user to have active control over when, where and which payment
‘instrument/credential’ can be used:
• Payment brand, financial institution, type (user defined choice and priority)
• Choice and priority changeable by user at any time.
• Issuer flexibility:
– Secure element form factor (UICC, embedded, removable memory card etc.)
– One or more secure elements.
• Traditional standardisation role:
– EMVCo requires an approved secure element to host payment ‘instrument’
– Agreement on standardised and interoperable processes to manage payment
‘instrument/ credentials’ on secure elements
– Compatibility with existing contactless payments acceptance infrastructure
• EMV Common Contactless Protocol Level 1
• PPSE .
Copyright © 2011 EMVCo
16
EMVCo Contactless Mobile Payments
Landscape
• Reviewed the landscape of contactless mobile payments
infrastructure standards available in the marketplace and
determined best approach to support EMVCo’s role in contactless
mobile payments.
• Prioritised and identified those requirements, standards,
specifications and processes that:
– Are within domain of other related standards groups (this drove high
priority liaison efforts)
– Are in need of development by the MPWG and that would complement
its liaison activities
– Provide the contactless mobile payments community with appropriate
guidance in developing various parts of the mobile payments
infrastructure (from the payment industry perspective).
Copyright © 2011 EMVCo
17
Mobile Payments – Handset Architecture
Wide
Area
Modem
User Interface
Over-the-Air
Personalisation
& Provisioning
Payment
Application
Management
Application
Environment
Contactless
Module
Copyright © 2011 EMVCo
Antenna
Contactless
Proximity
Payments
18
Mobile Payments – Domains of Activities
Secure Elements
Mobile Devices
User Interface
EMVCo
Industry Orgs
Payment Systems
UICC Profiles
-Security Evaluation
(new)
GSMA · ETSI
GlobalPlatform
Approval (current)
Handset Requirements
GSMA · ETSI
AAUI Specifications &
Guidelines
Contactless
Protocol
Specifications
-Compatibility Validation
to EMV Requirements
Payment
Applications
PPSE Specification
(contained in AAUI ) Testing (future)
Payment
Application Mgt.
Personalisation
Provisioning
Copyright © 2011 EMVCo
Existing Specifications
as option
Functional Specifications
NFC Forum
Approval (current)
Payment System specific
GSMA and EPC MChannel
Payment System specific
GSMA and EPC MChannel
Payment System specific
19
Status of MPWG Development Efforts (1)
Public Documents Posted on EMVCo Site:
• EMVCo Mobile Payments Architectural Overview document to
serve as architectural reference document for the MPWG and
describes briefly EMVCo’s and various standards bodies’ roles in
the contactless mobile payments ecosystem.
• EMVCo Handset Requirements focusing on payment industry’s
specific requirements for NFC mobile payments capable handsets
– Effectively store, enable and manage payment applications
– Enable a degree of consistent user experience
– Can be viewed along side the GSMA handset requirements .
Copyright © 2011 EMVCo
20
Status of MPWG Development Efforts (2)
Public Documents Posted on EMVCo Subscribers Site:
• EMVCo Profile for GlobalPlatform UICC Configuration Secure
Elements, a payment industry specific profile based on
GlobalPlatform’s development efforts.
• EMVCo Application Management Specifications (Application
Activation User Interface) documents the necessary components
facilitating selection and activation of the user’s choice of financial
instrument to be used at the POS.
Copyright © 2011 EMVCo
21
Current MPWG Liaison Status (1)
•
GlobalPlatform – Collaboration on Composition Model for Secure
Element Security Evaluation:
– Development of model by GlobalPlatform in cooperation with EMVCo and
GSMA
– The composition model addresses security evaluation of secure elements and
secure applications
– Traditionally secure element (‘card’) and applications are evaluated together
•
Composition model aims to provide method for evaluating SE once, and allowing this
evaluation to be used in order to evaluate the multiple applications
– Addresses both Common Criteria and EMVCo evaluation processes.
•
GSMA – Collaboration efforts progressing well:
– Multiple F2F meetings and many joint calls
– Joint discussions on UICC certification and type approval framework with
GlobalPlatform
– Actively providing feedback and comments to each other’s document
– Creating ‘technical working bridge’ between two industries working on same
topic.
• Liaison with other standard bodies – e.g. NFC Forum.
Copyright © 2011 EMVCo
22
Broadening Industry Engagement
Copyright © 2011 EMVCo
23
Industry Engagement Drivers
Standards
• Growth of EMV as
contact chip standard
• Expectation to
expand beyond
contact chip
Efficiencies
Customer
• Industry requests for
wider participation
• Interest in increased
transparency
• Improved business vs.
technical input balance
• Efficient interaction
with standards bodies
• Commitment to
optimal resource
management
• Recognise member
investment in staff &
T&E
Investment Optimisation
Copyright © 2011 EMVCo
24
Participation Level Description
Level
Qualifications /Requirements
High Level Benefit
Annual
Fees
Members
• Commitment to global EMV interoperability
• Significant responsibilities in EMV
issuance/acceptance in multiple countries
• Responsible for final specs
Capital &
resource
investment
Board of
Advisors
• Business Associates
• Technical Associates (up to six seats, beginning 2011)
• Interaction with EMVCo
Executive Committee
N/A
Business
Associate
• Payment service providers
• Committed to EMV deployment and interoperability
• Interest in providing input to EMVCo’s strategic
direction
• Seat on Board of Advisors
• Company subscriber benefits
$12,500
Technical
Associate
• Industry stakeholders
• Interest in EMVCo working group activities
• Quarterly workshops with WGs
• Vote to elect up to six BoA reps
• Company subscriber benefits
$25,000
Subscriber
• Company or
• Individual
• Access to draft specs, user
meetings & communications
$2,500
$750
Notice: Participation in EMVCo (other than as a member) does not give any equity or voting rights in EMVCo, LLC
Copyright © 2011 EMVCo
25
EAP Associates Programme Participants^
Business Associates (29)
ABN AMRO Bank
ANZ
APCA*
Atos Origin
Bancomat
Bank of China
Bankers Association
Barclays Bank
BoC Credit Card*
BPCE
Bundesverband deutscher
Banken
Cartes Bancaires*
CIELO
Credit Mutuel
Discover*
EFTPOS Payments
Australia Ltd.
EPC
Equens SE
EURO 6000, S.A.
Interac*
Moneris Solutions*
PASA
Paymark Limited
RBS Worldpay
SERMEPA
Sistema 4B
SRC Research*
Swedbank
UK Cards Association*
Technical Associates (16)
APCA*
BoC Credit Card*
Cartes Bancaires*
Discover*
Hypercom
Infineon Technologies
Inside Secure
Interac*
Moneris Solutions *
Ingenico
NCR Financial Solutions
Group Limited
Smart Payment Association
Verifone
Walmart
SRC Research*
UK Cards Assoc.*
^ Participation as of 15 February 2011
* Denotes Dual Associates: Registered as Technical and Business Associates
Copyright © 2011 EMVCo
26
Copyright © 2011 EMVCo
Thank You!
Visit www.emvco.com
Mark Hartley
EMVCo Board of Managers Representative
March 2011
Related documents
Smartcard Terminals (EMVCo LEVEL 2)
Smartcard Terminals (EMVCo LEVEL 2)
Security in a Mobile App World – A Payments Perspective
Security in a Mobile App World – A Payments Perspective
Consulting - Travillon
Consulting - Travillon
Diagrammatic Representation of an Information System
Diagrammatic Representation of an Information System
Innovation and the Payments System
Innovation and the Payments System
E.P.S.E Problem Solving Model
E.P.S.E Problem Solving Model
Direct payments overview slide pack
Direct payments overview slide pack
11-University-of-Canberra-One-Stop-software-demonstration
11-University-of-Canberra-One-Stop-software-demonstration
Individual budgets and healthcare presentation by Jon
Individual budgets and healthcare presentation by Jon
Lesson 8 - Payment Systems Used in Bars
Lesson 8 - Payment Systems Used in Bars
Download
advertisement