Presentation is loading. Please wait.

Presentation is loading. Please wait.

EMV, Tokenization and Apple Pay The New Landscape Carolina’s Credit Unions Council October 10, 2014 Leanne Phelps Senior Vice President, Card Services.

Similar presentations


Presentation on theme: "EMV, Tokenization and Apple Pay The New Landscape Carolina’s Credit Unions Council October 10, 2014 Leanne Phelps Senior Vice President, Card Services."— Presentation transcript:

1 EMV, Tokenization and Apple Pay The New Landscape Carolina’s Credit Unions Council October 10, 2014 Leanne Phelps Senior Vice President, Card Services State Employees’ Credit Union

2 Agenda EMV: The Technology Tokenization Mobile Payments with Apple Pay

3 About State Employees’ Credit Union Serving state employees, teachers and their family members in North Carolina 1.9 million members 255 branch offices 1,100 ATMs

4 SECU Card Programs Debit Portfolio - Route through Visa DPS to SECU Host 1.3 million Visa Check Cards $10.3 billion annual purchase volume 305 million transactions Credit Portfolio – Processed through First Data Resources 300,000 Visa credit cards $1.1 billion open credit lines 14.5 million transactions

5 Why EMV? Secure chip stores payment information Chip card authentication prevents counterfeiting Adds cardholder verification methods Offers online or offline authorization

6 Form Factors Options Contact –Chip is embedded in a card –A contact card is inserted into a smart card reader –The contact points on the chip make contact with the card reader Contactless –The chip may be embedded in cards, key fobs, stickers, mobile phones, etc. –A contactless chip requires close proximity to a reader (“tap and go”) –Both the chip and the reader have an antenna and they use an RF (radio frequency) signal to communicate

7 Authentication – Static vs. Dynamic Transaction / Authorization Differences vs. Today What is on the actual Chip – Application Identifier logic Card / Chip Lifecycle Visa Recommendation for personalization Liability Shift Planning and Implementation timing Unaffiliated networks Vendor Support Card / Chip Lifecycle EMV – Building the Momentum The Top 10 Discussions

8

9 Transaction Flow Comparison Card Swiped Merchant Acquirer Processor FI I Terminal Reads & Passes Track & Authorization Data Issuer Processor or Issuer validates cryptogram or cryptogram value, makes and passes Authorization Decision Issuer makes and passes Authorization Decision Today – Magnetic Stripe Issuer Processor

10 Tomorrow - EMV New and Different Card Inserted FI Communication between the chip card and the terminal – in both directions Terminal to determine, by the Service Code, whether card is magnetic stripe only or chip card - Service code is unique and placed on both the chip and magnetic stripe (begins with a 2 or 6) - Track 2 equivalent on the chip Merchant Acquirer Processor Issuer Processor The Issuer Processor or the FI verifies the request cryptogram and generates a response cryptogram The terminal and chip card verify the response cryptogram

11 EMV – Building the Momentum ConfigurationRoutingIndustry Support Multi-access BIN table VisaCommon Visa One application / Two application identifiers (AIDs) Simplified personalization Easier card management Less application code and potentially less expensive chip Supports domestic and international usage EMV compliant Fully supported by Visa Uses existing network routing infrastructure Offers issuer flexibility through BIN file management Enables merchants and POS acquirers to manage routing selection on a transaction by transaction basis Solution endorsed by EMV Migration Forum (EMF) Maestro Star NYCE Pulse Accel Nets CU 24 Shazam AFFN CO-O P All of the major unaffiliated debit networks support the Visa U.S. Common Debit AID

12 Transaction Authorization Card Authentication Issuer Cardholder Verification Method (CVM) List Always online No offline authorization by chip Always online No offline data authentication 1 Visa Credit Signature No CVM Online PIN (for ATM only) Visa Debit Signature Online PIN (POS and ATM) No CVM U.S. Common Debit AID Online PIN (POS and ATM) No CVM Best practices should reduce complexity, cost and time-to-market Card Personalization Best Practices

13 Adding a contact chip to a mag stripe card impacts the card ordering / issuing process from both a timing and monetary perspective. A key stakeholder is the provider of card processing services... What type of chip can they support and can they support you? Certification of the chips by the associations is taking between 90 days and six months. Based upon chip type and market availability of the chips, the turn times for card manufacturing should not vary much from mag stripe cards – perhaps adds two weeks. However, bear in mind that there is a growing global demand for chips (China, South America), which could impact chip availability. Card Personalization Considerations

14 Points to Remember Adding a chip to a mag stripe card will increase costs – costs can be impacted by the type and size of chip. You can assume to add about a dollar to the present costs for manufacturing custom cards. Personalization Vendors are exploring ways to lower the costs of chip cards for small financial institutions, including the use of generic design plastics (hot-stamped with the credit union’s logo) and print-on-demand using edge to edge imaging equipment. The fees for personalizing the chips are incremental, and subject again to the type and number of applications being loaded onto the chip. Credit unions should expect these fees to be in the $0.25 to $0.40 per card range. Financial institutions should also ask their processor about possible fees associated with an EMV program (new BINs, key management, EMV transaction fees).

15 Key EMV dates from Card Brands 15 © 2012 VeriFone Systems, Inc.

16 Support of Debit Networks NetworkCommon AID LicensingSupport Status MaestroVisa U.S. Common Debit AIDCertified/Ready to Support PulseVisa U.S. Common Debit AIDJanuary 2015 Certification NYCEVisa U.S. Common Debit AIDJanuary 2015 Certification STARVisa U.S. Common Debit AIDFebruary 2015 Certification CO-OPVisa U.S. Common Debit AIDApril 2015 Certification ACCEL / AllPoint Visa U.S. Common Debit AIDSpecifications Under Review CU24Visa U.S. Common Debit AIDPending Specifications

17 Liability Shift After Liability Shift: Liability shifts to the acquirer if counterfeit fraud occurs on a contact chip capable card and the merchant is not contact chip capable Does not cover contactless, card-not-present transactions, or lost/stolen fraud Covers domestic and cross-border transactions Counterfeit Fraud Liability Shifts Rewards investment in EMV POS: October 1, 2015 AFD & ATM: October 1, 2017 Counterfeit Fraud Liability Shifts Rewards investment in EMV POS: October 1, 2015 AFD & ATM: October 1, 2017 Transaction Examples Counterfeit Liability Chip-on-chip transactions Issuer holds the limited exposure that still exists Mag-stripe cards at chip terminals Issuer holds liability Contact chip at mag-stripe terminals Acquirer holds liability

18 Key Vendors – Information & Requirements Host – Software Vendor Networks & Gateways Enhancement Control Support Segmentation of base POS entry mode – new data same field PINs – Host vs. Stripe Certification and Timing Processor must code and certify with each network Certification and Timing Plastic Card Vendors *VOL has the most updated listing of certified vendors *VOL has the common AID personalization specifications Debit & Credit Must be Visa/MasterCard Certified Card Art Standard Chip & CVM’s Timing and Availability Key management Instant Issuance Vendors Timing and Availability Test plastic will be required for certification

19 Planning - 6 Weeks Vendor Readiness and Timelines Budget – ROI Issuance Strategy – Full or Segmentation – At Reissue Internal Education Plan Cardholder Education Marketing Strategy PINs – Customer Selected – Host vs. Stripe Considerations and Project (if applicable) Credit First Debit – Date Coordination with Networks Planning Requirements Build Certification Launch Key Considerations

20 Tokenization – what is it?? October 2013/March 2014 October 2014April 2014 / June 2014 Industry standardCard Brand enabled P ay Payment tokens further enhance security of digital payments and simplify purchase experience when shopping on mobile, computers or other smart devices and help reduce fraudulent activity…. Replaces a traditional card account number with a unique payment token / digital account number Restricts the use of a payment token by device, merchant, transaction type or channel Tokenization is the process of replacing the original payment credentials (PAN) with a unique “alternate identifier” which may be used in its stead to initiate payment activity More to come…

21 Global and interoperable Compatible with existing network routing Compatible with existing payment technologies (web, NFC, POS standards) Supports future payment technologies Improved security Regulatory compliant Multiple Payment Tokens can be attached to a single PAN Core concepts A Payment Token is a “alternate identifier” that can be used in place of a Personal Account Number (PAN) to initiate a payment transaction Enables new channels Interoperable Global Supports new participation Secure Minimizes ecosystem impact Payment Tokens Industry standard and service

22 Interoperable with BIN based account numbers / PANs – PAN / Account Number Validation Rules, Security, Structure and Regulatory Obligations Remain Enforced Distinct and identifiable in system – merchant, consumer device(s) and issuer Able to support authentication by different entities and types (Issuer, Wallet, Merchant, etc) Payment Tokens - Token Attributes # # # # # # # # BIN - Identifies FI FI BIN Range – Various Use Identifies Cardholder # # # # # # # # New Token Structure Identifies FI Identifies Cardholder by PAN AND by Device AND by Merchant Existing PAN / Account Number Structure Tokens add value to the processing environment while improving visibility and protecting cardholder information

23 The Big Announcement! iPhone 6 – 4.7” display iPhone 6 Plus – 5.5” display NFC!!! Apple Watch – with NFC!!! iOS 8 And…….

24 Apple Pay Basics Latest addition to the mobile wallet landscape leveraging NFC By Invitation-Only Security and Privacy at the core of Apple Pay Utilizes traditional payment rails preserving interchange Requires tokenization

25 Apple Pay: What we know Scope and Timing Apple’s Motivation and Value Proposition Payment Accounts Completing Transactions Data and Security In-Store Payments Streamlined online payments Available on iPhone 6, 6 Plus, and Apple Watch in 2015 US Only in October 2014 Replace physical wallet Payments will be faster, more secure, and private Apple’s has 46% of market 5 -10% terminals are NFC enabled Add from iTune account or take a picture of card Stored as a token on secure element of device Use via Passbook app In-store: contactless NFC terminals with Touch ID authentication In-App: integrated via the Apple Pay API with Touch ID authentication Data stays with merchant and financial institution Merchant processes token, not card #

26 Announced Participants Networks Banks / Issuers Merchants In store In App

27 Apple Pay and Payment Tokens

28 Why Does Apple Matter? Widespread consumer acceptance and usage 10 million devices sold in first 3 days! 800+ million iTunes accounts already on file Leverages existing payments ecosystem and preserves interchange Improves payment security = reduces potential fraud Tokenization Secure Element (Device number associated with token) Touch ID authenticates device and card owner

29 Still to Come… and beyond

30 What is your payments roadmap? Ensure your members can access their CU accounts from any channel they choose! Start with implementing EMV Enroll your card programs in tokenization Get ready for the next generation of payments through mobile!

31 Questions??? Leanne Phelps State Employees’ Credit Union


Download ppt "EMV, Tokenization and Apple Pay The New Landscape Carolina’s Credit Unions Council October 10, 2014 Leanne Phelps Senior Vice President, Card Services."

Similar presentations


Ads by Google