We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byJameson Towns
Modified over 2 years ago
©2013 MasterCard. Proprietary and Confidential June 12, 2014 AITEC Banking and Mobile Money COMESA 2013 1 Nairobi, 12 September 2013 James Wainaina, Vice President and Area Business Head, MasterCard East Africa
©2013 MasterCard. Proprietary and Confidential Agenda The MasterCard Story Card Security in East Africa Advancing Security, Advancing Commerce Role of Partnerships June 12, 2014 2
©2013 MasterCard. Proprietary and Confidential The MasterCard Story June 12, 2014 3
©2013 MasterCard. Proprietary and Confidential MasterCard Today *This represents MasterCard-branded GDV, does not include Maestro or Cirrus All figures as of Dec. 31, 2012 210 countries and territories 35.9 million acceptance locations 7,542 employees 34.2 billion transactions US $3.6 trillion * gross dollar volume June 12, 2014 4
©2013 MasterCard. Proprietary and Confidential Four-Party Payment System ACQUIRER ISSUER CARDHOLDER MERCHANT June 12, 2014 5
©2013 MasterCard. Proprietary and Confidential Our Role We invent them. Consumers want better ways to pay. We invent them. We help them move faster. Checkout lines are too slow. We help them move faster. We speed them on their way. Commuters are busy. We speed them on their way. We make it simple. Procurement is complicated. We make it simple. We find ways to serve them. People have no bank accounts. We find ways to serve them. June 12, 2014 6
©2013 MasterCard. Proprietary and Confidential Card Security in East Africa June 12, 2014 7
©2013 MasterCard. Proprietary and Confidential 8 June 12, 2014 Banks reported US $17.52 million lost between April 2012 and April 2013 Loss of revenue Identity theft, electronic funds transfer, bad cheques, credit card fraud, loan fraud and online fraud are some methods used to orchestrate fraud InfrastructureInfrastructure Eliminating online and digital insecurities is key as more and more consumers become accepting of online payment channels Cyber security Securing electronic payments 77% of Kenyans willing to buy goods online Kenyan National Payments Systems arm of CBK works to modernize and increase efficiencies of the nations electronic payments MasterCard Intelligence: MasterCard Online Shopping Survey 2012
©2013 MasterCard. Proprietary and Confidential Advancing Security, Advancing Commerce June 12, 2014 9
©2013 MasterCard. Proprietary and Confidential Fraud management for more secure payments 1 2 3 Industry Level Initiatives Customer Level Fraud Management Initiatives MasterCard Fraud Management Solutions, Products and Services Developing industry standards with stakeholders Partnering with government agencies Enabling Strong Authentication: EMV (chip & pin), 3D Secure (MasterCard Secure Code) Mandated Data Security: PCI-DSS MasterCards SAFE ( Issuing Bank confirmed reporting fraud to MasterCard) ADC Account Data Comprise event management (between issuer and acquirer) Fraud management reviews and fraud consulting services. Cardholder & Merchant Fraud Prevention Education (Academy, website, conferences). Excessive Chargeback Program (ECP): Expert Monitoring Solutions Global Merchant Audit Program (GMAP) Bin Blocking Services SIS Master Card stand in facility FRM (ATM covering prepaid and debit)
©2013 MasterCard. Proprietary and Confidential EMV Compliance testing has two levels: – EMV Level 1, which covers physical, electrical and transport level interfaces, (i.e. the hardware) and – EMV Level 2, which covers payment application selection and credit financial transaction processing (i.e. the software) If the MPOS features a Chip Reader then both EMV certifications must be in place EMV / MasterCard Certification February 19, 2013 Page 11 MasterCard Terminal Integration Process (TIP) – Check that a Chip terminal meets MasterCard brand requirements TIP must happen before a terminal can be deployed MasterCard Terminal Quality Management (TQM) – while EMV L1 tests one or two readers this checks that the 200 th, 200Kth and 2 millionth devices that are produced are the same as the first! If the MPOS features Chip then it must have a TQM certificate Note: Acquirer compliance requirements remains the same as in the case of regular EDC terminal
©2013 MasterCard. Proprietary and Confidential PCI Data Security Standard (PCI DSS) – the standard was created to increase controls around cardholder data to reduce card fraud via its exposure If card data is being handled, stored, routed then PCI DSS certifications must be in place PCI PIN Transaction Security Standard (PTS) – was specifically designed to protect consumer PIN data from theft. It is also intended to enforce hardware security of devices that accept consumer PINs and house secret encryption keys of the acquirer If the MPOS solution can accept consumer PINs, then PCI PTS certifications must be in place PCI Certification PCI Point to Point Encryption Standard (P2PE) – Secure encryption of payment card data at the point-of-interaction (POI) Not currently a requirement of MasterCard Rules, however it is an MPOS Best Practice PCI Payment Application Security Standard (PA-DSS) – Secure payment applications, when implemented into a PCI DSS-compliant environment, will help to minimize the potential for security breaches leading to compromises. BP BP = MasterCard Best Practice https://www.pcisecuritystandards.org
©2013 MasterCard. Proprietary and Confidential Page 13 Securing MPOS Payment Applications PCI SSC is not certifying MPOS payment applications that reside on multi-purpose, consumer mobile devices (referred by PCI SSC as a Mobile Payment Acceptance Application Category 3). MCW recommends – secure coding / secure software updates / process for handling lost & stolen devices / remote disablement Securing Transaction Data Captured by an MPOS Card Reader Accessory P2PE / enciphered data is transmitted via the mobile device to the MPOS solution provider server / cryptographic authentication for device authentication Securing Personal Account Numbers (PAN) PAN should not be retained on the mobile device / For Key entered trns – encryption of PAN for transmission EMV Chip Transactions EMV level 2 kernel can be on device or on server or split between both Service providers to ensure there is no latency Online only trns allowed MasterCard mPOS Program – Some best Practices Service Providers
©2013 MasterCard. Proprietary and Confidential Control in retail payments Giving cardholders greater control over how and where their card is used Multi-level transaction blocking Geographical limit of the acceptance of cards based on pre-defined regions Enhanced controls: apply different authorization limits based on multiple criteria such as Amount, Merchant Category, Transaction Type etc. Cardholders create personalized spending profiles for their accounts, setting up alerts and spending limits according to budget goals and account security concerns Solutions for both individuals & corporates
©2013 MasterCard. Proprietary and Confidential Role of Partnerships June 12, 2014 15
©2013 MasterCard. Proprietary and Confidential Partnerships to fortify the electronic payments ecosystem Enhance efficiency and effectiveness of payment systems Provider of payment systems (KEPSS) Government Action Industry Initiatives Private Investment Industry-wide shift for adoption of secure ATM and card transactions Joint education drives at customer, issuer and merchant levels June 12, 2014 Page 16 Between 2008-2012, greater usage of electronic payments contributed to 0.8 % increase in GDP in emerging markets and 0.3% increase in GDP in developed markets.. -Moodys Analytics, February 2013 Investment in systems upgrade for issuance of EMV chip and PIN cards as banks adopt new systems
WHAT NEW, WHAT NEXT IN PAYMENT PROCESSING. EMV WHAT IS EMV? 3 An acronym created by Europay ®, MasterCard ® and Visa ® The global standard for the.
Standards in Use. EMV June 16Caribbean Electronic Payments LLC2.
Summary of Changes. General These are changes that have come up in many EMV migrations that I have assessed and been involved in. The changes are broken.
Financial Stability & Integrity Track: Innovations in Technology for Financial Inclusion & Managing Risks.
Evolving Challenges of PCI Compliance Charlie Wood, PCI QSA, CRISC, CISA Principal, The Bonadio Group January 10, 2014.
© 2014 CustomerXPs Software Pvt Ltd | | Confidential 1 Tentacles of Fraud #StarfishBanks CustomerXPs Software Private Limited.
1 STATISTICAL DATA ON THE BANKS PAYMENT SYSTEMS IN FINLAND May 2013.
“Electronic Payment System”
Why Comply with PCI Security Standards?
Agenda EMV – What Is It? EMV In The UK EMV Is Coming To The US
Talking Technology and Transportation (T3)
Data Security and Payment Card Acceptance Presented by: Brian Ridder Senior Vice President First National September 10, 2009.
Troy Leach April 2012 The PCI Security Standards Council.
Electronic Payment Systems
Academy of Risk Management | Innovate. Collaborate. Educate. Fraud Management Solutions Innovative Products & Thought Leadership.
© 2012 Presented by: Preparation For EMV Chip Technology Keith Swiat.
Business Administration term project 2 (25%) financial Management Systems Debit card and credit card payments By Ashleigh Gray.
The influence of PCI upon retail payment design and architectures Ian White QSA Head of UK&I and ME PCI Team September 4, 2013 Weekend Conference 7 & 8.
Mobile Payment Security The Good, the Bad and the Ugly
ThankQ Solutions Pty Ltd Tech Forum 2013 PCI Compliance.
Global Product Marketing
EPS (Electronic payment system) is an online business process used for fund transfer using electronic means, i.e Personal computers services Mobile.
Electronic Transaction Security (E-Commerce)
Understanding Commercial Card and the use of Controls Louisiana GFOA Fall Conference October 9, 2014 Rhonda C. Engel, SVP Commercial Card Sales Manager.
ARC MarketPlace Judy Howard Product Manager, Industry Products and Services.
Chapter 13 Paying Via The Net. Agenda Digital Payment Requirements Fraud Detection Online Payment Methods Online Payment Types The Future Payment.
Langara College PCI Awareness Training
Our Portfolio Reflects Our Expanding Possibilities
Cross Border E-commerce: Challenges and Opportunities
Security and Fraud Solutions Initiatives: Turning the Threat into an Opportunity.
Geneva, Switzerland, 4 December 2014 Evolving Payments into The Digital World Richard Smith, Vice President, MasterCard Customer Fraud Management
INTRODUCTION TO SIM.DLL AGENDA SIM.DLL Overview and Features SIM.DLL Requirements Supported Terminals Transaction Flow Benefits.
Improve Your Experience ExpressRelease Debit Card.
An Investigation into E-Commerce Frauds and their Security Implications By Kevin Boardman Supervisor: John Ebden 29 July 2004.
BZUPAGES.COM Electronic Payment Systems Most of the electronic payment systems on internet use cryptography in one way or the other to ensure confidentiality.
Gareth Ellis Senior Solutions Consultant Session 5a Key and PIN Management.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
The next generation of payments is here. Is your business ready?
MyBank The simple, safe way to buy on the internet Presentation for online shoppers June 2011.
Current Fraud Trends Kathy Druckenmiller, CFCI, CIRM, ACT Specialist April 29, /29/2014.
Payment Systems for Electronic Commerce
SMARTER. TOGETHER. The Mobility of Fraud Michael Loox, CFI Director of Loss Prevention & Safety Coffee Bean and Tea Leaf David Johnston.
Enabling payments through innovation
Confidential and Proprietary - NOT TO BE DISTRIBUTED WITHOUT THE EXPRESS WRITTEN PERMISSION OF BANK OF AMERICA MERCHANT SERVICES. ASTRA EMV Review/Best.
Confidential R. C. Giltner Services February 11, Companion Card Strategy to Serve Customer Security and Transaction Needs.
- 1 - Gateway to Managed Payment Services Extending your Sales Channels Accept secure on-line internet payments Vision and Strategy YESpay E-Commerce.
Weighing the Risks and Benefits of Online Financial Transactions
Surviving the PCI Self -Assessment James Placer, CISSP West Michigan Cisco Users Group Leadership Board.
© 2017 SlidePlayer.com Inc. All rights reserved.