4 PAYMENT CARD SECURITY IN THE CONTEXT OF EUROPEAN HARMONISATION

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "4 PAYMENT CARD SECURITY IN THE CONTEXT OF EUROPEAN HARMONISATION"

Transcription

1 4 PAYMENT CARD SECURITY IN THE CONTEXT OF EUROPEAN HARMONISATION The Observatory for Payment Cards Security took note of the development in 2005 of two proposals for harmonising card payments in Europe. In September 2005, the European Payments Council (EPC) a body of the European banking industry developing rules for the interoperability of payment instruments aiming at the creation of a Single Euro Payments Area (SEPA) adopted the SEPA Cards Framework (SCF), a framework for the interoperability of general-purpose payment cards scheduled to become operational in January 2008 and fully-fledged by January In December 2005, the European Commission sent the European Council and the European Parliament its proposal for a Directive on Payment Services in the Internal Market. The draft Directive is intended to harmonise the legal framework for non-cash payments in Europe, whatever of the means of payment and the currency used. As these two projects will have a significant impact on the rules for issuing and using French payment cards, the Observatory examined them from a security point of view. Regarding the SCF, the Observatory welcomes the choice of EMV chip cards as the supporting technology for card payments in Europe. The Observatory nevertheless encourages all of the stakeholders to define specific, harmonised implementation procedures, so that the expected benefits in terms of security can be realised without adverse effects on competition. As for the Directive on payment services, the Observatory welcomes the adoption of a common European legal framework, but feels that the prudential requirements associated with the new statute of payment institutions (which will be authorized to issue and manage means of payment) are not sufficient to ensure financial and legal security for means of payment. 4 1 The SEPA Cards Framework (SCF) The SEPA Cards Framework (SCF) is one of three SEPA initiatives directed by the EPC, the other two being SEPA direct debit (SDD), the creation of a single European payment scheme for direct debit; and SEPA credit transfer (SCT), the creation of a single European payment scheme for credit transfers. The objective of the SCF is to put in place beginning in 2008 and with full implementation in 2010 a single area for card payments in Europe. This initiative is Observatory for Payment Card Security 2005 Report 39

2 aimed at general purpose cards: four-party cards accepted by a large European network of merchants. 14 It will thus be possible to use an SCF-compliant card throughout the SEPA area under the same conditions as in the current national areas. (For example, in France, cards complying with the SCF will benefit from the principle of interbanking, which has been observed in France since the 1980s.) At this stage, three options for achieving that objective are being considered: Exclusive reliance on the international card systems (Visa and Mastercard); Co-branding between domestic card systems and the international systems (as is currently the case for CB cards); The creation of a pan-european card network, constructed from one or more national or international card systems. Implementation of the SCF presupposes harmonisation in the standards and principles governing the functioning of payment cards. The Observatory hopes that this harmonisation will provide an opportunity to reinforce the security of card payments in Europe. The Observatory welcomes the contribution to security made by the framework proposed by the EPC, but considers that more progress still needs to be made in defining common security objectives in the SEPA area, and feels that it should be stated clearly that security cannot be allowed to be a factor in competition. Real progress in terms of security The Observatory considers that implementation of the SCF can have a positive impact on the security of payment cards and can reduce the risk of fraud, especially for cross-border transactions. The SCF's principal contribution to security is the adoption of the EMV chip card (see box 11). The SCF expects that all countries in the SEPA area will have adopted this type of card by The Observatory welcomes this objective, which aims at generalising the use of the Chip and PIN model for payment cards, in which cardholders must identify themselves in each withdrawal or payment transaction by entering their Personal Identification Number (PIN). The chip payment card (used by the French CB four-party card system since 1992) will thus replace the magnetic stripe payment card in all countries of the SEPA area. The Observatory welcomes the prospect that the magnetic technology, which is more fragile in terms of security, would be used less, or even disappear completely, at least from the SEPA area. The Observatory salutes the willingness shown by European banks to strengthen their cooperation in preventing and combating fraud by studying the opportunity and feasibility of a pan-european database of all incidents of card payment fraud within the SEPA 14 I.e. for payments in Euro, the European Union and the European Free Trade Association (EFTA): Switzerland, Norway, Liechtenstein, and Iceland Rapport Observatory for Payment Card Security

3 15 area. Such a database could aid in the fight against fraud and thereby strengthen public confidence in this payment instrument within the SEPA area. Box 11 the EMV chip card EMV is a standard established in the 1990s by three international card systems (Europay, Mastercard, and Visa) to define the interactions between chip cards and payment terminals. The standard is currently managed by the EMVCo consortium, which consists of MasterCard, VISA, and the Japanese JCB system. EMV defines the interaction between the payment card and the terminal at the level of physical and electronic characteristics and of format of data elements to be exchanged. Several different implementations of the EMV standards are possible, and it is therefore possible that national banking industries have chosen different versions, depending on their timetable for migrating to EMV and their specific needs. Most of the EMV implementations identify the cardholder by the entry of a personal code (the Chip and PIN model), although this is not strictly required. Promoting strong security within the SEPA area While the adoption of EMV will improve security in the interaction between payment cards and terminals, the Observatory considers that strengthening the security of card payments also requires: Adopting technical security standards for all types of interaction between the parties to a card transaction: cardholder to terminal, merchant to acquirer, and acquirer to issuer; and Improving the conditions for security certification of cards and terminals. Defining technical security standards for all types of interaction between the parties to a card transaction At present, technical security standards differ considerably from one card payment system to the next. This is a source of inefficiency and vulnerability to fraud whenever transactions pass through several systems (for example, in cross-border transactions). Work on standardisation has been undertaken, particularly in the area of exchanges between cards and terminals (see discussion of EMV, above). However, this work remains incomplete: common standards still need to be defined for the authorisation, acquiring, clearing, and settlement of transactions. The Observatory encourages the standard-setting bodies concerned to complete work on the missing security standards as quickly as possible, and calls upon the EPC to incorporate these standards in the SCF. 15 Indeed, the draft Directive on payment services allows, notwithstanding the Directive on data protection, the processing of personal data by payment systems and payment services providers, for the sole purpose of preventing and combating fraud. Observatory for Payment Card Security 2005 Report 41

4 Security certification The SCF calls for harmonisation in the methodologies for security certification (of cards, terminals, etc.), but does not provide any details on how this is to be achieved. There is therefore a risk of 'harmonisation to the lowest common denominator'. This could result in marked disparities between national card systems, and could even confer a competitive advantage to those countries that choose to install less secure and therefore less costly equipment. Cardholders could be exposed to a greater risk of fraud in countries that have equipment which is more easily converted to fraudulent use, even though the cards conform to the common EMV standard. This possibility is a source of concern to the Observatory, which notes that the current French CB four-party card system is based on stringent certification methods. Cards, terminals, and other elements of the card system are initially subjected to a functional certification by the manager of the system. This functional certification specifies the level of security of the components which the manager wishes to use for its cards. It is supported by an external evaluation and certification to verify that this level has been achieved. In France, the evaluation and certification process for cards is an element of a national scheme administered by the Central Directorate for Information System Security (Direction centrale de la sécurité des systèmes d information DCSSI), which reports to the General Secretary for National Defence. These evaluations are governed by a set of international security standards, known as the Common Criteria (see box 12), which have been adopted by the principal industrialised countries (France, the United States, Germany, the United Kingdom and Japan, among others). There are two international agreements for recognising certificates issued as a result of an evaluation conducted according to the Common Criteria: The Common Criteria Recognition Arrangement (CCRA), an agreement which is open to all countries worldwide, but which introduces limits on recognition (in other words, because this agreement is limited to evaluations conducted for an average level of security requirements, and provides only an elementary defence against attacks). Ten countries are currently recognised under this agreement as being able to evaluate and certify products (but others are willing to be recognised). The Senior Officials Group for Information Security (SOG-IS) agreement, a European agreement to which 11 countries of the European Union and EFTA are currently signatories. 16 The SOG-IS agreement does not introduce any limits on the mutual recognition of evaluations conducted in different countries. It therefore applies to evaluations conducted on the basis of stringent security requirements, like those currently in force in France for CB payment cards. Three countries are currently recognised under this agreement as being able to evaluate and certify products: France, Germany, and the United Kingdom. In practice, only Germany and France 16 Germany, France, the United Kingdom, Spain, Finland, Italy, Greece, Norway, the Netherlands, Portugal, and Sweden Rapport Observatory for Payment Card Security

5 evaluate and certify cards for a high level of protection against attacks. This situation could change in the medium term: other countries (for example the Netherlands, Spain, and Norway) could ask to for recognition of their certificates under this agreement. Box 12 the Common Criteria The international standard known as the Common Criteria for Information Technology Security Evaluation (ISO/IEC 15408) is the result of the unification of three older standards: a European standard developed in the beginning of the 1990s (ITSEC), an older American standard (TCSEC), and a Canadian standard (CTCPEC). In contrast with other information security standards, the Common Criteria do not define a set of rules with which information processing products must comply. Instead, they establish a framework in which users can formulate their security requirements and providers can demonstrate that their products satisfy those requirements. In other words, the Common Criteria make it possible to ensure that the processes for specifying security requirements, for developing products, and for evaluating their security, are carried out in the most rigorous manner possible. The Common Criteria methodology is based on three main concepts: the Protection Profile (PP), a document which expresses the security requirements of a community of users; the Security Target (ST), a document (typically drawn up by the provider of the product) which describes the product's security characteristics and lists the protection profiles which the product purports to satisfy; the Evaluation Assurance Level (EAL), which documents all of the measures that have been taken to comply with security functionalities. The assurance levels define the level of security requirement, and range from level EAL-1 (the least stringent) to level EAL-7 (the most stringent and also the most costly). These assurance levels consist of requirements in seven different classes of assurance: configuration management (ACM), delivery and operation (ADO), development (ADV), guidance documents (AGD), life cycle support (ALC), tests (ATE), and vulnerability assessment (AVA). Micro-processors used in co-branded Visa or Mastercard CB cards are also subjected to a security evaluation by the laboratories of each of these international networks. In European countries which do not have a national scheme, this evaluation by Visa and Mastercard is the only evaluation that takes place for international payment cards. Mastercard recognises the evaluations conducted within the framework of the French national scheme, under the authority of the DCSSI, so that French co-branded Mastercard cards do not need to undergo a specific evaluation by Mastercard. The Observatory considers it essential that the security for cards, terminals, and other elements of card systems should be maintained at a very high level for SCF-compliant cards. To that end: The managers of card systems should submit their cards, terminals, and other elements of their systems to stringent common security requirements. The Observatory takes note of the initiative developed by several European card systems, known as the Common Approval Scheme (CAS), to develop such security Observatory for Payment Card Security 2005 Report 43

6 requirements for cards, payment terminals, and eventually for other elements of card payment systems. This useful initiative needs only to be adopted by the EPC in order to become a standard operating procedure applicable to all SCF-compliant card systems. Evaluations and certificates should be standardised. There are several ways of achieving this: For cards assuming that the level of security is equivalent to the current level in France uniformity could be guaranteed by enlarging the SOG-IS agreement, which has already been adopted by almost half of all EU Member States. However, this assumes that these countries would be willing to accept that their payment cards should be evaluated by the French, German, or United Kingdom national schemes, which for the time being are the only national schemes recognised for purposes of evaluation and certification under the agreement. For terminals, the level of security targeted will probably be much weaker than the level targeted for cards (the need for security is not the same). If the Common Criteria are used to evaluate this equipment, all of the countries that are signatories to either the CCRA or the SOG-IS agreement and that have a national certification scheme could evaluate and certify terminals. Community legislation could establish equivalency criteria (including transparency requirements) between the public and private evaluation processes used by card systems in each country. It would be important that all of the laboratories that conduct security evaluations within the SEPA area should possess similar levels of expertise. The Observatory notes that the European Commission proposed a provision along these lines in version four of its draft Directive. This provision was subsequently dropped, but could be supported. Mutual recognition in Europe could be instituted by establishing an ad hoc structure administered by the European banks (self-regulation). 4 2 The Legal Framework for Payment Services in Europe The Observatory is pleased with the efforts of the European Commission to establish a harmonised legal framework for payments in Europe that could ease the establishment of SEPA. The draft Directive confirms the principle that the user's responsibility for losses that occur before he has reported the loss or theft of his card is limited to 150 euros, and that the user has no pecuniary responsibility for losses that occur as the result of unauthorized payments. These principles are already embodied in French law. However, the Observatory considers that three points in the draft Directive require particular attention: The creation of a third category of payment service provider known as payment institutions; The methods for applying the Directive to payment cards; The definition of the principle of irrevocability Rapport Observatory for Payment Card Security

7 The creation of a specific license for payment institutions The creation of a specific licence for payment institutions responds to a legitimate competitive concern, and from that point of view appears desirable. However, the content of the license is very vague, and the absence of substantial prudential requirements means that the security of funds entrusted by users to payment institutions is not guaranteed. In addition, the ability of payment institutions to obtain direct access to card payment systems (card issuance, acquiring of transactions, connection to electronic card networks, clearing and settlement, etc.), or even to manage them directly, could constitute a risk factor if those institutions do not have sufficient financial guarantees and if they are not adequately supervised. The Observatory also notes that the draft Directive liberalises functions that are currently reserved in France to credit institutions, such as the acquiring of card payment transactions. This could considerably alter the position of actors in the payment chain, by placing acquiring business within the scope of activity of service providers who are not subject to the prudential safeguards that apply to credit institutions. Application of the Directive to payment cards The Observatory feels that the application of certain provisions of the draft Directive to payment cards needs to be clarified. In particular, the current text is vague on the question of whether the threshold of 50 euros for micro-payments (related to information requirements and execution times) applies only to contracts under which no individual transaction can exceed 50 euros (art. 38-1) or, by extension, to any payment below 50 (art. 59). Since the median value of card transactions (approximately 46 euros) lies below that threshold, a policy of applying the threshold to each individual transaction would treat almost half of all payments and withdrawals as 'exceptions'. Other definitions also need to be clarified, such as the definition of the date of payment acceptance, which determines the moment at which payment becomes irrevocable and fixes the starting point for execution times for card transactions, set in the draft Directive at D+1 in The definition of irrevocability The Observatory notes that the definition of irrevocability in the draft Directive is ambiguous. This lack of precision (for example, concerning the date of payment acceptance and the methods for administering the right to reimbursement for remote sales) could challenge legal and contractual arrangements in force in most countries. In France, for example, payment is considered final and irrevocable from the moment the cardholder enters his confidential code. The Observatory would like these points to be clarified, in order to ensure the legal security of card payment transactions and to guarantee the smooth functioning of card systems. Observatory for Payment Card Security 2005 Report 45

8 4 3 Recommendations The Observatory considers that the development of a European framework for card payments raises major security issues, and urges French card issuers to maintain a high level of security for payment cards that will be used in the SEPA area. Since this objective is based on Community standards relating to security, the Observatory invites the EPC to incorporate into the SCF the security standards that are currently missing in the areas of authorisation, acquiring, clearing, and settlement of card transactions, and to consider adopting the Common Approval Scheme, which could become a standard operating procedure applicable to all SCF-compliant card systems. Since this initiative is likely to receive the support of European authorities, the Observatory thinks that the European Commission, as well as the Council and the European Parliament, should consider the possibility of laying out in legislation the criteria for determining the equivalence between the public and private evaluation processes used by card systems in each country. Finally, the Observatory stresses the importance of the operational and financial risks posed by the new class of payment institutions, which could soon be authorised to provide payment services under the terms of the draft Directive that is currently being examined by the Council and the European Parliament. The Observatory therefore recommends strengthening both the prudential requirements that apply to these institutions and the methods for supervising them Rapport Observatory for Payment Card Security

Questions & Answers clarifying key aspects of the SEPA Cards Framework

Questions & Answers clarifying key aspects of the SEPA Cards Framework Doc. EPC075-08 (Version 10.0) 11 June 2008 Questions & Answers clarifying key aspects of the SEPA Cards Framework Circulation: Publicly available Restricted: No SEPA a Guide to the Single Euro Payments

More information

Answers to the Green Paper Towards an integrated European market for card, internet and mobile payments

Answers to the Green Paper Towards an integrated European market for card, internet and mobile payments Answers to the Green Paper Towards an integrated European market for card, internet and mobile payments Ad 4.1.1. (MIFs) Figure 1. Interchange fees in card payments in Europe (2011). Visa Poland Germany

More information

Single Euro Payments Area

Single Euro Payments Area Single Euro Payments Area Overview SEPA (Single Euro Payments Area) is a European payments initiative which aims to create one single, integrated, standardised payments market in Europe. It is an area

More information

What is SEPA? Fact Sheet. Streamlining Payments in Europe

What is SEPA? Fact Sheet. Streamlining Payments in Europe Fact Sheet Streamlining Payments in Europe The Single Euro Payments Area (SEPA) is the area where citizens, companies and other economic players will be able to make and receive payments in euros (whether

More information

SEPA - Frequently Asked Questions

SEPA - Frequently Asked Questions SEPA - Frequently Asked Questions Contents SEPA Overview Questions... 2 What is SEPA?... 2 What is the aim of SEPA?... 3 Where did SEPA come from?... 3 What countries are included in SEPA?... 3 What currencies

More information

TERMS OF REFERENCE FOR THE SEPA COMPLIANCE OF CARD SCHEMES

TERMS OF REFERENCE FOR THE SEPA COMPLIANCE OF CARD SCHEMES 4 March 2009 TERMS OF REFERENCE FOR THE SEPA COMPLIANCE OF CARD SCHEMES The Eurosystem supports the creation of the Single Euro Payments Area (SEPA) which will enable retail payments in euro to be made

More information

EPC020-08 11.02.2015 SEPA CARDS STANDARDISATION (SCS) VOLUME

EPC020-08 11.02.2015 SEPA CARDS STANDARDISATION (SCS) VOLUME EPC020-08 11.02.2015 (Vol Ref. 7.5.1.05) SEPA CARDS STANDARDISATION (SCS) VOLUME BOOK 5 CONFORMANCE VERIFICATION PROCESSES Payments and Cash Withdrawals with Cards in SEPA Applicable Standards and Conformance

More information

Roadmap for the Single Euro Payments Area

Roadmap for the Single Euro Payments Area www.europeanpaymentscouncil.eu Roadmap for the Single Euro Payments Area Status and progress Gerard Hartsink Chair - European Payments Council Raad Nederlandse Detailhandel Utrecht, 28 augustus 2009 Agenda

More information

SEPA. Frequently Asked Questions

SEPA. Frequently Asked Questions SEPA Frequently Asked Questions Page 1 of 13 Contents General SEPA Questions... 4 What is SEPA?... 4 What is the aim of SEPA?... 4 What are the benefits of SEPA?... 4 What countries are included in SEPA?...

More information

FREQUENTLY ASKED QUESTIONS ABOUT SEPA

FREQUENTLY ASKED QUESTIONS ABOUT SEPA FREQUENTLY ASKED QUESTIONS ABOUT SEPA 1. What does SEPA mean? SEPA stands for Single Euro Payments Area. 2. What countries are part of SEPA? The SEPA includes 31 countries: the 27 EU members plus Norway,

More information

Microsoft Dynamics NAV. SEPA Credit Transfers and Direct Debits

Microsoft Dynamics NAV. SEPA Credit Transfers and Direct Debits Microsoft Dynamics NAV SEPA Credit Transfers and Direct Debits July 2012 EXECUTIVE SUMMARY... 1 SEPA PAYMENT INSTRUMENTS... 2 SEPA CREDIT TRANSFERS... 2 SEPA DIRECT DEBITS... 2 OVERVIEW OF SEPA DIRECT

More information

EPC020-08 11.02.2015 SEPA CARDS STANDARDISATION (SCS) VOLUME

EPC020-08 11.02.2015 SEPA CARDS STANDARDISATION (SCS) VOLUME EPC020-08 11.02.2015 (Vol Ref. 7.7.0.05) 1 2 3 4 5 6 7 8 9 10 11 12 13 SEPA CARDS STANDARDISATION (SCS) VOLUME BOOK 7 CARDS PROCESSING FRAMEWORK Payments and Cash Withdrawals with Cards in SEPA Applicable

More information

1 ARE PCI SECURITY MEASURES SUITED TO THE FRENCH MARKET?

1 ARE PCI SECURITY MEASURES SUITED TO THE FRENCH MARKET? 1 ARE PCI SECURITY MEASURES SUITED TO THE FRENCH MARKET? As part of its task of monitoring the security policies implemented by issuers and acquirers, the Observatory conducted an assessment in 2010 to

More information

Re-engineering Debit: The Missing SEPA Blueprint

Re-engineering Debit: The Missing SEPA Blueprint Re-engineering Debit: The Missing SEPA Blueprint ARTICLE Peter Jones Managing Director PSE Consulting (Payment Systems Europe) 14 th March 2005 As the plan for a Single Euro(pean) Payments Area (SEPA)

More information

Irmfried Schwimann. Acting Director 'Financial services and Health-related markets' European Commission, DG Competition. SEPA and competition

Irmfried Schwimann. Acting Director 'Financial services and Health-related markets' European Commission, DG Competition. SEPA and competition Irmfried Schwimann Acting Director 'Financial services and Health-related markets' European Commission, DG Competition SEPA and competition European Payment Council, Coordination Committee offsite meeting

More information

THIRD REPORT ON CARD FRAUD

THIRD REPORT ON CARD FRAUD THIRD REPORT ON CARD FRAUD February 14 F e b r u a ry 14 In 14 all publications feature a motif taken from the banknote. European Central Bank, 14 Address Kaiserstrasse 29 6311 Frankfurt am Main Germany

More information

Visa Europe Our response to the European Commission s proposed regulation of interchange fees for card-based payment transactions

Visa Europe Our response to the European Commission s proposed regulation of interchange fees for card-based payment transactions Visa Europe Our response to the European Commission s proposed regulation of interchange fees for card-based payment transactions Executive summary On 24 July 2013 the European Commission published a proposal

More information

ECB-RESTRICTED. Card payments in Europe a renewed focus on SEPA for cards

ECB-RESTRICTED. Card payments in Europe a renewed focus on SEPA for cards ECB-RESTRICTED Card payments in Europe a renewed focus on SEPA for cards COGEPS 11 March 2014 SEPA WHERE DO WE STAND SEPA migration end-date (1 February 2014) was a key milestone (regardless of the additional

More information

Payments Package: Questions and Answers

Payments Package: Questions and Answers Payments Package: Questions and Answers Date: November 2013 Contact: Ruth Milligan, T: +32 2 737 05 95, milligan@eurocommerce.be A. Introduction The Commission published its Payments Package on 24 July

More information

Towards basic electronic payments A roadmap for competitive and inclusive payment systems in Europe

Towards basic electronic payments A roadmap for competitive and inclusive payment systems in Europe Towards basic electronic payments A roadmap for competitive and inclusive payment systems in Europe Revised position paper Date: May 2013 What do we need from our electronic payments? What Europe needs

More information

SEPA Cards Framework. Version 2.1

SEPA Cards Framework. Version 2.1 Cards-SCF 006 09 (Ver. 2.1) 16 December 2009 EPC SEPA Cards Framework Version 2.1 Abstract This document defines the EPC SEPA Cards Framework Document Reference Cards-SCF 006 09 Issue Version 2.1 Date

More information

A Guide to EMV. Version 1.0 May 2011. Copyright 2011 EMVCo, LLC. All rights reserved.

A Guide to EMV. Version 1.0 May 2011. Copyright 2011 EMVCo, LLC. All rights reserved. A Guide to EMV Version 1.0 May 2011 Objective Provide an overview of the EMV specifications and processes What is EMV? Why EMV? Position EMV in the context of the wider payments industry Define the role

More information

for CONSUMERS Information on the SINGLE EURO PAYMENTS AREA

for CONSUMERS Information on the SINGLE EURO PAYMENTS AREA Version 5.0 - February 2014 for CONSUMERS Information on the SINGLE EURO PAYMENTS AREA All you need to know about SEPA EPC Shortcut Series* Shortcut to SEPA Shortcut to the SEPA Direct Debit Schemes Shortcut

More information

In 2014 all ECB publications feature a motif taken from the 20 banknote. CARD PAYMENTS IN EUROPE A RENEWED FOCUS ON SEPA FOR CARDS

In 2014 all ECB publications feature a motif taken from the 20 banknote. CARD PAYMENTS IN EUROPE A RENEWED FOCUS ON SEPA FOR CARDS C A R D PAY M E N T S I N E U RO P E A R E N E W E D F O C U S O N S E PA F O R C A R D S A pri l 2 0 1 4 In 2014 all publications feature a motif taken from the 20 banknote. CARD PAYMENTS IN EUROPE A

More information

Information Security Standards by Dr. David Brewer Gamma Secure Systems Limited Diamond House, 149 Frimley Road Camberley, Surrey, GU15 2PS +44 1276

Information Security Standards by Dr. David Brewer Gamma Secure Systems Limited Diamond House, 149 Frimley Road Camberley, Surrey, GU15 2PS +44 1276 Information Security Standards by Dr. David Brewer Gamma Secure Systems Limited Diamond House, 149 Frimley Road Camberley, Surrey, GU15 2PS +44 1276 702500 dbrewer@gammassl.co.uk Agenda Background and

More information

Euronet s EMV Chip Solutions Superior Protection with Enhanced Security against Fraud

Euronet s EMV Chip Solutions Superior Protection with Enhanced Security against Fraud Serving millions of people worldwide with electronic payment convenience. Euronet s EMV Chip Solutions Superior Protection with Enhanced Security against Fraud Copyright 2011 Euronet Worldwide, Inc. All

More information

SINGLE EURO PAYMENTS AREA (SEPA) FROM CONCEPT TO REALITY

SINGLE EURO PAYMENTS AREA (SEPA) FROM CONCEPT TO REALITY SINGLE EURO PAYMENTS AREA (SEPA) FROM CONCEPT TO REALITY JULY 2007 FIFTH PROGRESS REPORT EN SINGLE EURO PAYMENTS AREA (SEPA) FROM CONCEPT TO REALITY FIFTH PROGRESS REPORT In 2007 all publications feature

More information

Single Euro Payments Area SEPA Herman Ciappara Payments & Banking Department Central Bank of Malta

Single Euro Payments Area SEPA Herman Ciappara Payments & Banking Department Central Bank of Malta Single Euro Payments Area SEPA Herman Ciappara Payments & Banking Department Central Bank of Malta 1 1 Outline What is SEPA? Objectives Opportunities Important SEPA Dates Impact of SEPA Challenges 2 2

More information

A Steria Report SEPA: will European businesses be ready for the transformation? Prepared in collaboration with. è www.steria.com

A Steria Report SEPA: will European businesses be ready for the transformation? Prepared in collaboration with. è www.steria.com A Steria Report SEPA: will European businesses be ready for the transformation? Prepared in collaboration with è www.steria.com 02 SEPA : will European businesses be ready for the transformation? è www.steria.com

More information

Payment Card Fraud in the European Union Perspective of Law Enforcement Agencies

Payment Card Fraud in the European Union Perspective of Law Enforcement Agencies images: Fotolia Situation Report - Payment Card Fraud 2012 Public Version Situation Report Payment Card Fraud in the European Union Perspective of Law Enforcement Agencies This Europol product analyses

More information

Maestro Europe only anti fraud measure by 23 banks in Belgium

Maestro Europe only anti fraud measure by 23 banks in Belgium Maestro Europe only anti fraud measure by 23 banks in Belgium Bart Guns Global Head of Payments KBC Group COGEPS 2-3 April 2012 Titel hoofdstuk Agenda 1. Problem 2. Anti skimming not feasible nor opportune

More information

SEPA. Changes in the Payment System Implementation of the European SEPA Regulations for Kuna and Euro Payments

SEPA. Changes in the Payment System Implementation of the European SEPA Regulations for Kuna and Euro Payments SEPA Changes in the Payment System Implementation of the European SEPA Regulations for Kuna and Euro Payments SEPA The Single Euro Payments Area (SEPA) stands for a European Union (EU) payments integration

More information

3 1 The use of open networks in the payment card environment

3 1 The use of open networks in the payment card environment 3 TECHNOLOGY WATCH As part of its technology watch, the Observatory conducted two studies in 2006. The first dealt with the impact of the use of open networks in the payment card environment and the second

More information

CERTIFIED. SECURE SOFTWARE DEVELOPMENT with COMMON CRITERIA

CERTIFIED. SECURE SOFTWARE DEVELOPMENT with COMMON CRITERIA CERTIFIED SECURE SOFTWARE DEVELOPMENT with COMMON CRITERIA CONTENT CC IN A NUTSHELL CC BACKGROUND AIM AND GOAL OF CC ADVANTAGES OF CC WHY DO WE RECOMMEND CC TO DEVELOPERS? WHEN IS CC THE RIGHT CHOICE?

More information

Joint Media Release. Payments Technology

Joint Media Release. Payments Technology Joint Media Release Payments Technology Sydney, 13 October, 2006: The Australian Bankers Association (ABA) and Australian Payments Clearing Association (APCA) are releasing today the joint letter that

More information

Interchange fees for card-based payment transactions

Interchange fees for card-based payment transactions Briefing March 2015 Interchange fees for card-based payment transactions SUMMARY Card-based payments have a growing share of retail payments, as do non-cash payments in both e-commerce and traditional

More information

Electronic Payment Schemes Guidelines

Electronic Payment Schemes Guidelines BANK OF TANZANIA Electronic Payment Schemes Guidelines Bank of Tanzania May 2007 Bank of Tanzania- Electronic Payment Schemes and Products Guidleness page 1 Bank of Tanzania, 10 Mirambo Street, Dar es

More information

It is a great pleasure for me to be here in Madrid to share with you some

It is a great pleasure for me to be here in Madrid to share with you some Recent developments and policy challenges affecting large-value and retail payment systems in Europe Banque de France It is a great pleasure for me to be here in Madrid to share with you some thoughts

More information

services for cards and payments annual report 2011

services for cards and payments annual report 2011 services for cards and payments annual report 2011 annual report 2011 Foreword Outstanding payment services to support our customers development. The image that its customers have of a bank primarily depends

More information

Position Paper Ecommerce Europe. E-Payments 2012

Position Paper Ecommerce Europe. E-Payments 2012 Position Paper Ecommerce Europe E-Payments 2012 Contents Introduction: Ecommerce Europe 3 1. Payments from the merchants perspective 5 2. Market outlook 6 3. Card-based payments and related fraud issues

More information

REPORT FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL

REPORT FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL EUROPEAN COMMISSION Brussels, 25.9.2014 COM(2014) 592 final REPORT FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL on the implementation in the period from 4 December 2011 until 31 December

More information

CANADIAN PAYMENTS ASSOCIATION ASSOCIATION CANADIENNE DES PAIEMENTS RULE E1

CANADIAN PAYMENTS ASSOCIATION ASSOCIATION CANADIENNE DES PAIEMENTS RULE E1 CANADIAN PAYMENTS ASSOCIATION ASSOCIATION CANADIENNE DES PAIEMENTS RULE E1 EXCHANGE OF SHARED ELECTRONIC POINT-OF-SERVICE PAYMENT ITEMS FOR THE PURPOSE OF CLEARING AND SETTLEMENT 2015 CANADIAN PAYMENTS

More information

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 114 thereof,

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 114 thereof, 28.8.2014 Official Journal of the European Union L 257/73 REGULATION (EU) No 910/2014 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 23 July 2014 on electronic identification and trust services for electronic

More information

TOWARDS AN INTEGRATED EUROPEAN CARD PAYMENTS MARKET

TOWARDS AN INTEGRATED EUROPEAN CARD PAYMENTS MARKET TOWARDS AN INTEGRATED EUROPEAN CARD PAYMENTS MARKET Over the last decade the integration of the European cashless retail payments market has been a high priority for payment service providers, regulators

More information

EPIF POSITION PAPER ON ACCESS TO BANK SERVICES FOR PAYMENT INSTITUTIONS

EPIF POSITION PAPER ON ACCESS TO BANK SERVICES FOR PAYMENT INSTITUTIONS Page1 21 MAY 2014 EPIF POSITION PAPER ON ACCESS TO BANK SERVICES FOR PAYMENT INSTITUTIONS ABOUT EPIF (EUROPEAN PAYMENT INSTITUTIONS FEDERATION) EPIF was founded in 2011 to represent the interests of the

More information

MAKING A REALITY. The definitive Guide to the SINGLE EURO PAYMENTS AREA SEPA COUNTRIES

MAKING A REALITY. The definitive Guide to the SINGLE EURO PAYMENTS AREA SEPA COUNTRIES 31 AUSTRIA BELGIUM BULGARIA CYPRUS CZECH REPUBLIC DENMARK ESTONIA FINLAND FRANCE GERMANY GREECE HUNGARY ICELAND IRELAND ITALY LATVIA LIECHTENSTEIN LITHUANIA LUXEMBOURG MALTA NETHERLANDS NORWAY POLAND PORTUGAL

More information

EPC SEPA CARDS STANDARDISATION (SCS) VOLUME

EPC SEPA CARDS STANDARDISATION (SCS) VOLUME EPC020-08 08.12.2015 (Vol Ref. 7.7.1.1) SEPA CARDS STANDARDISATION (SCS) VOLUME BOOK 7 CARDS PROCESSING FRAMEWORK Payments and Cash Withdrawals with Cards in SEPA Applicable Standards and Conformance Processes

More information

A Guide to EMV Version 1.0 May 2011

A Guide to EMV Version 1.0 May 2011 Table of Contents TABLE OF CONTENTS... 2 LIST OF FIGURES... 4 1 INTRODUCTION... 5 1.1 Purpose... 5 1.2 References... 5 2 BACKGROUND... 6 2.1 What is EMV... 6 2.2 Why EMV... 7 3 THE HISTORY OF EMV... 8

More information

THE ITALIAN BANKING ASSOCIATION Cards 2009 Cards Revolution. Payment cards between the PSD and SEPA

THE ITALIAN BANKING ASSOCIATION Cards 2009 Cards Revolution. Payment cards between the PSD and SEPA THE ITALIAN BANKING ASSOCIATION Cards 2009 Cards Revolution Payment cards between the PSD and SEPA Address by the Deputy Director General of the Bank of Italy Giovanni Carosio Rome, 12 November 2009 1

More information

Competition policy brief

Competition policy brief Issue 2015-3 June 2015 ISBN 978-92-79-38783-8, ISSN: 2315-3113 Competition policy brief Occasional discussion papers by the Competition Directorate General of the European Commission The Interchange Fees

More information

Proposal for a Regulation of the European Parliament and of the Council on interchange fees for card-based payment transactions

Proposal for a Regulation of the European Parliament and of the Council on interchange fees for card-based payment transactions Proposal for a Regulation of the European Parliament and of the Council on interchange fees for card-based payment transactions About MasterCard MasterCard is a payments technology company that enables

More information

Il Ruolo della Tecnologia: l importanza delle scelte e l ottimizzazione dei costi SIAnet for SEPA! Giacomo BUICO Network Services Director

Il Ruolo della Tecnologia: l importanza delle scelte e l ottimizzazione dei costi SIAnet for SEPA! Giacomo BUICO Network Services Director Il Ruolo della Tecnologia: l importanza delle scelte e l ottimizzazione dei costi SIAnet for SEPA! Giacomo BUICO Network Services Director sia-ssb 2007 SEPA Topics SEPA impacts technology, legislation

More information

A RE T HE U.S. CHIP RULES ENOUGH?

A RE T HE U.S. CHIP RULES ENOUGH? August 2015 A RE T HE U.S. CHIP RULES ENOUGH? A longer term view of security and the payments landscape is needed. Abstract: The United States is finally modernizing its card payment systems and confronting

More information

SEPA as a driver for streamlining receivables

SEPA as a driver for streamlining receivables SEPA 2.0: Opportunities and challenges after the end-date by Luca Poletto, BNP Paribas Five years after the go-live date of the first Single Euro Payments Area (SEPA) instrument, we are in the last sprint

More information

APACS RESPONSE TO THE EUROPEAN COMMISSION INTERIM REPORT ON PAYMENT CARDS

APACS RESPONSE TO THE EUROPEAN COMMISSION INTERIM REPORT ON PAYMENT CARDS APACS RESPONSE TO THE EUROPEAN COMMISSION INTERIM REPORT ON PAYMENT CARDS 1. Introduction APACS is the UK payments association, a trade association for those institutions delivering payment services to

More information

PCI and EMV Compliance Checkup

PCI and EMV Compliance Checkup PCI and EMV Compliance Checkup ATM Security Jim Pettitt Director, ATM Security Diebold Incorporated Agenda ATM threats today Top of mind risk PCI Impact on Security U.S. EMV Migration Conclusions / recommendations

More information

SEPA Functionality in Microsoft Dynamics NAV. Heidi Andreasen Program Manager. Tomás Navarro Casbas Senior Program Manager Lead

SEPA Functionality in Microsoft Dynamics NAV. Heidi Andreasen Program Manager. Tomás Navarro Casbas Senior Program Manager Lead SEPA Functionality in Heidi Andreasen Program Manager Tomás Navarro Casbas Senior Program Manager Lead November 2013 Contents Introduction 3 About SEPA 3 Generic SEPA Functionality in All Country Versions

More information

CABINET OFFICE THE CIVIL SERVICE NATIONALITY RULES

CABINET OFFICE THE CIVIL SERVICE NATIONALITY RULES ANNEX A CABINET OFFICE THE CIVIL SERVICE NATIONALITY RULES Introduction The Civil Service Nationality Rules concern eligibility for employment in the Civil Service on the grounds of nationality and must

More information

ONLINE PAYMENTS: Bridging the Gap between Fraud Prevention and Data Protection

ONLINE PAYMENTS: Bridging the Gap between Fraud Prevention and Data Protection ONLINE PAYMENTS: Bridging the Gap between Fraud Prevention and Data Protection IAPP EUROPE DATA PROTECTION CONGRESS 2014 19 November 2014 Brussels Increase of Payment Card Fraud on Internet Europe: USA:

More information

SEPA Implementation and Migration in GREECE

SEPA Implementation and Migration in GREECE SEPA Implementation and Migration in GREECE HELLENIC BANK ASSOCIATION Status of preparation and plans as per July 2007 1 Table of contents (1) Introduction 3 (2) Implementation and migration phases 5 (3)

More information

European Payment Card Systems for the 21 st Century. A paper from MasterCard Europe

European Payment Card Systems for the 21 st Century. A paper from MasterCard Europe U European Payment Card Systems for the 21 st Century A paper from MasterCard Europe For four decades, MasterCard Europe 1 has been working successfully with European banks to deliver secure, efficient

More information

Payments Relating to Online Shopping

Payments Relating to Online Shopping 131 Payments Relating to Online Shopping Eva Wix Wagner, Payment Systems INTRODUCTION AND SUMMARY Online shopping in Denmark has increased significantly in recent years, and Danish consumers are among

More information

FBF position paper on the European Commission's proposal for a Directive on bank accounts ****

FBF position paper on the European Commission's proposal for a Directive on bank accounts **** Paris, June 2013 FBF position paper on the European Commission's proposal for a Directive on bank accounts The French Banking Federation (FBF) is the professional body that represents all banks operating

More information

Introduction. Fields marked with * are mandatory.

Introduction. Fields marked with * are mandatory. Questionnaires on introducing the European Professional Card for nurses, doctors, pharmacists, physiotherapists, engineers, mountain guides and estate agents(to competent authorities and other interested

More information

2: Credit cards, etc. Overview of the sector

2: Credit cards, etc. Overview of the sector 19 2: Credit cards, etc Overview of the sector Note: This sectoral guidance is incomplete on its own. It must be read in conjunction with the main guidance set out in Part I of the Guidance. 2.1 A credit

More information

Your Reference Guide to EMV Integration: Understanding the Liability Shift

Your Reference Guide to EMV Integration: Understanding the Liability Shift Your Reference Guide to EMV Integration: Understanding the Liability Shift UNDERSTANDING EMV EMVCo was formed in February 1999 by Europay, MasterCard and Visa to establish and maintain global interoperability

More information

EuroCommerce position paper Online e-payments

EuroCommerce position paper Online e-payments EuroCommerce position paper Online e-payments 16 September 2011 EuroCommerce welcomes the opportunity to comment on online payment issues. We carried out a brief members' survey and consulted within the

More information

MasterCard response to the Department of Finance public consultation Regulation (EU) 2015/751 on Interchange Fees for Card-based payment transactions

MasterCard response to the Department of Finance public consultation Regulation (EU) 2015/751 on Interchange Fees for Card-based payment transactions MasterCard response to the Department of Finance public consultation Regulation (EU) 2015/751 on Interchange Fees for Card-based payment transactions MasterCard MasterCard Worldwide (MasterCard) is a public-listed,

More information

Sending money abroad. Plain text guide

Sending money abroad. Plain text guide Sending money abroad Plain text guide Contents Introduction 2 Ways to make international payments 3 Commonly asked questions 5 What is the cost to me of sending money abroad? 5 What is the cost to the

More information

Guide to the Electronic Payment Alternatives to Cheque Acceptance

Guide to the Electronic Payment Alternatives to Cheque Acceptance Guide to the Electronic Payment Alternatives to Cheque Acceptance This document has been prepared by the Programme Office of the National Payments Plan for the purpose of informing interested parties about

More information

Securing Internet Payments. The current regulatory state of play

Securing Internet Payments. The current regulatory state of play Securing Internet Payments The current regulatory state of play In recent years the European Union (EU) institutions have shown a growing interest on the security of electronic payments. This interest

More information

The Adoption of EMV Technology in the U.S. By Dave Ewald Global Industry Sales Consultant Datacard Group

The Adoption of EMV Technology in the U.S. By Dave Ewald Global Industry Sales Consultant Datacard Group The Adoption of EMV Technology in the U.S. By Dave Ewald Global Industry Sales Consultant Datacard Group Abstract: Visa Inc. and MasterCard recently announced plans to accelerate chip migration in the

More information

A stocktaking of measures

A stocktaking of measures LA FINANCE SOLIDAIRE CHAPTER OU ÉTHIQUE 1 A stocktaking of measures to protect online card payments 13 13 The Observatory regularly monitors fraud in card-not-present (CNP) payments, which amounted to

More information

Supplementary Appendix Table A DESCRIPTION OF THE DIRECTIVES OF THE FINACIAL SERVICES ACTION PLAN (FSAP)

Supplementary Appendix Table A DESCRIPTION OF THE DIRECTIVES OF THE FINACIAL SERVICES ACTION PLAN (FSAP) Supplementary Appendix Table A DESCRIPTION OF THE DIRECTIVES OF THE FINACIAL SERVICES ACTION PLAN (FSAP) Directive Name Directive No. Deadline Implementation of the Settlement Finality Directive 1998/26/EC

More information

Oversight of non-cash payment schemes: objectives and implementation procedures

Oversight of non-cash payment schemes: objectives and implementation procedures Oversight of non-cash payment schemes: objectives and implementation procedures MARC ANDRIES, CARLOS MARTIN Payment Systems Directorate Oversight of Non-cash Means of Payment Division The use of non-cash

More information

THE FIVE Ws OF EMV BY DAVE EWALD GLOBAL EMV CONSULTANT AND MANAGER DATACARD GROUP

THE FIVE Ws OF EMV BY DAVE EWALD GLOBAL EMV CONSULTANT AND MANAGER DATACARD GROUP THE FIVE Ws OF EMV BY DAVE EWALD GLOBAL EMV CONSULTANT AND MANAGER DATACARD GROUP WHERE IS THE U.S. PAYMENT CARD INDUSTRY NOW? WHERE IS IT GOING? Today, payment and identification cards of all types (credit

More information

Security Failures in Smart Card Payment Systems: Tampering the Tamper-Proof

Security Failures in Smart Card Payment Systems: Tampering the Tamper-Proof Security Failures in Smart Card Payment Systems: Tampering the Tamper-Proof Saar Drimer Steven J. Murdoch Ross Anderson www.cl.cam.ac.uk/users/{sd410,sjm217,rja14} Computer Laboratory www.torproject.org

More information

PRINCIPLES FOR EVALUATION OF DEVELOPMENT ASSISTANCE

PRINCIPLES FOR EVALUATION OF DEVELOPMENT ASSISTANCE PRINCIPLES FOR EVALUATION OF DEVELOPMENT ASSISTANCE DEVELOPMENT ASSISTANCE COMMITTEE PARIS, 1991 DAC Principles for Evaluation of Development Assistance Development Assistance Committee Abstract: The following

More information

Enhancing Payment Card Security New Measures to be Phased in from 2 nd Quarter 2010 to 1 st Quarter 2011

Enhancing Payment Card Security New Measures to be Phased in from 2 nd Quarter 2010 to 1 st Quarter 2011 Enhancing Payment Card Security New Measures to be Phased in from 2 nd Quarter 2010 to 1 st Quarter 2011 On 5 th March 2010, The Association of Banks in Singapore announced key measures to adopt a holistic

More information

The European regulatory system for medicines and the European Medicines Agency

The European regulatory system for medicines and the European Medicines Agency The European regulatory system for medicines and the European Medicines Agency A consistent approach to medicines regulation across the European Union An agency of the European Union This booklet is intended

More information

AUDIT PROGRAMME. Guide to the design of internal quality assurance systems in higher education. Document 01 V. 1.0-21/06/07

AUDIT PROGRAMME. Guide to the design of internal quality assurance systems in higher education. Document 01 V. 1.0-21/06/07 AUDIT PROGRAMME Guide to the design of internal quality assurance systems in higher education Document 01 V. 1.0-21/06/07 INDEX FOREWORD FUNDAMENTALS OF DESIGNING INTERNAL QUALITY ASSURANCE SYSTEMS 1.-

More information

SEPA Security Certification Framework

SEPA Security Certification Framework www.epc-cep.eu SEPA Security Certification Framework Topic 7 for discussion 25 th COGEPS Ugo Bechis EPC - Cards Working Group Chair Cards Stakeholders Group Co-Chair Bruxelles, 10- October 20 SEPA Card

More information

EMV FAQs. Contact us at: CS@VancoPayments.com. Visit us online: VancoPayments.com

EMV FAQs. Contact us at: CS@VancoPayments.com. Visit us online: VancoPayments.com EMV FAQs Contact us at: CS@VancoPayments.com Visit us online: VancoPayments.com What are the benefits of EMV cards to merchants and consumers? What is EMV? The acronym EMV stands for an organization formed

More information

EUROPEAN FINANCIAL INTEGRATION IN THE AREA OF CARD PAYMENTS. Silvia Parusheva University of Economics Varna, Bulgaria

EUROPEAN FINANCIAL INTEGRATION IN THE AREA OF CARD PAYMENTS. Silvia Parusheva University of Economics Varna, Bulgaria Abstract EUROPEAN FINANCIAL INTEGRATION IN THE AREA OF CARD PAYMENTS Silvia Parusheva University of Economics Varna, Bulgaria Payment cards are very successful electronic payment instruments. The use of

More information

Accreditation in Europe

Accreditation in Europe Accreditation in Europe Facilitating regulatory compliance and international trade ACCREDITATION INSPECTION TESTING CALIBRATION EXAMINATION VERIFICATION CERTIFICATION About the EA The EA is appointed by

More information

Preparing for EMV chip card acceptance

Preparing for EMV chip card acceptance Preparing for EMV chip card acceptance Ben Brown Vice President, Regional Sales Manager, Wells Fargo Merchant Services Lily Page Vice President, Wholesale ereceivables, Wells Fargo Merchant Services June

More information

Questions & Answers on Payment Statistics

Questions & Answers on Payment Statistics Questions & Answers on Payment Statistics The European Central Bank and the Bank of Finland have compiled statistics on payment transmission before, so what s new? In November 2013, the European Central

More information

INTERNATIONAL. Helping your money travel around the world. International payments travel money and CHAPS. Talk to us today

INTERNATIONAL. Helping your money travel around the world. International payments travel money and CHAPS. Talk to us today INTERNATIONAL Helping your money travel around the world International payments travel money and CHAPS Talk to us today Access your money, at home and away Maybe you have family overseas and want to send

More information

THE SINGLE EURO PAYMENTS AREA (SEPA) AN INTEGRATED RETAIL PAYMENTS MARKET

THE SINGLE EURO PAYMENTS AREA (SEPA) AN INTEGRATED RETAIL PAYMENTS MARKET THE SINGLE EURO PAYMENTS AREA (SEPA) AN INTEGRATED RETAIL PAYMENTS MARKET Contents Foreword 3 Introduction 4 1. Creating SEPA 5 Overview of SEPA 5 Stakeholders 5 Why SEPA? 6 What has been achieved so far?

More information

Final Report for the Project Car Insurance Tariffs. Part I

Final Report for the Project Car Insurance Tariffs. Part I Final Report - Part I: Project description (Meyer, H.D.) 1 Final Report for the Project Car Insurance Tariffs Part I Project Description H a n s D i e t e r M e y e r * Insurance Advisor * Contact mailto:hansdmeyer@versanet.de

More information

The European Entrepreneur Exchange Programme

The European Entrepreneur Exchange Programme The European Entrepreneur Exchange Programme Users Guide 2 Contents 1.0 Introduction... 5 2.0 Objectives... 6 3.0 Structure... 7 3.1 Basic elements... 7 3.2 Four phases... 8 4.0 Implementation... 9 4.1

More information

toast EMV in 2015: How Restaurants Can Prepare for the New Chip-and-Pin Standard

toast EMV in 2015: How Restaurants Can Prepare for the New Chip-and-Pin Standard toast EMV in 2015: How Restaurants Can Prepare for the New Chip-and-Pin Standard Table of Contents For more than 40 years, merchants and consumers have used magnetic stripe credit cards and compatible

More information

INTERNATIONAL SERVICES TARIFF

INTERNATIONAL SERVICES TARIFF INTERNATIONAL SERVICES TARIFF Supporting your international business Our service promise. If you experience a problem, we will always try to resolve it as quickly as possible. Please bring it to the attention

More information

Position Paper e-payments

Position Paper e-payments Position Paper e-payments 10 Recommendations for a Stronger e-payments Landscape in Europe www.ecommerce-europe.eu POSITION PAPER 3 Introduction: Ecommerce Europe Ecommerce Europe (www.ecommerce-europe.eu)

More information

Frequently Asked Questions - Chip & PIN

Frequently Asked Questions - Chip & PIN Frequently Asked Questions - Chip & PIN Chip & PIN (Personal Identification Number) technology is quickly becoming the established standard for safety and security for card transactions across much of

More information

Payments Transformation - EMV comes to the US

Payments Transformation - EMV comes to the US Accenture Payment Services Payments Transformation - EMV comes to the US In 1993 Visa, MasterCard and Europay (EMV) came together and formed EMVCo 1 to tackle the global challenge of combatting fraudulent

More information

Visa Reloadable Frequently Asked Questions. EMV Travel Card

Visa Reloadable Frequently Asked Questions. EMV Travel Card Visa Reloadable Frequently Asked Questions EMV Travel Card How does the International Prepaid Card work? The International Prepaid Card is a reloadable prepaid Visa debit card, which means you can spend

More information

NOTICE ON OUTSOURCING

NOTICE ON OUTSOURCING CONSULTATION PAPER P018-2014 SEPTEMBER 2014 NOTICE ON OUTSOURCING PREFACE 1 MAS first issued the Guidelines on Outsourcing in 2004 1 ( Guidelines ) to promote sound risk management practices for the outsourcing

More information

SECOND ANNUAL PROGRESS REPORT

SECOND ANNUAL PROGRESS REPORT EUROPEAN COMMISSION Internal Market and Services DG FINANCIAL INSTITUTIONS Retail issues, consumer policy and payment systems Brussels, 9 vember 2009 MARKT/H3/ZK/GH D(2009) SECOND ANNUAL PROGRESS REPORT

More information