EMV-TT

A virtualised payment system with the following benefits:
- MNO and TSM independence
- Full EMV terminal and backend compliance
- Scheme agnostic (MasterCard and VISA supported)
- Supports transactions when the handset is offline
- Instant deployment of application to consumers

White Paper

Now available on Android
Introduction

EMV Tokenised Transactions (EMV-TT) is a new approach to mobile payments that does not require a secure element, and yet remains EMV compatible. With 11 million NFC-enabled handsets in the UK, EMV-TT, using technology such as Host Card Emulation (HCE) on Android and BlackBerry (since BlackBerry 7), makes it possible for a mobile phone to make a payment on a conventional contactless terminal without requiring a secure element.

EMV-TT has the following key advantages:
- Allows for an MNO-independent business model
- EMV compliant and scheme agnostic
- Works when the phone has no connectivity

With EMV-TT, financial institutions can stop the lengthy negotiations with MNOs and begin deployment of what both merchants and consumers desperately want: a secure, fast and convenient method of mobile proximity payment, and the potential to easily combine many other value-added products (all fully managed by the financial institution) such as built-in mobile loyalty/voucher cards, targeted marketing and mobile banking app integration.

This whitepaper explains the advantages of EMV-TT, how it works, how it adds value, and the steps necessary to take the proposed solution to a pilot.
EMV-TT: The Benefits

Proxama and Cryptomathic have designed a mobile payment system that does not require a secure element. A payment tokenisation mechanism enables payments to be made from a mobile NFC-enabled device using standard EMV contactless (online-capable and connected) terminals.

Tokenisation is a security model based around individual one-shot packets, which are cryptographically derived from secret information. Each token stored on the mobile device allows a single online-verified EMV transaction. By generating and distributing these tokens from a secure, online source, the traditional EMV security risk model is modified to use back-end manageable tokens instead of a secure element containing secret keys.

The Proxama EMV-TT virtual card module on the mobile handset uses these tokens to interact with standard EMV terminals, which are forced to perform an online authorisation. From there, the transaction follows normal channels until reaching a processing unit which is inserted into the issuer transaction processor. This unit only performs some pre-processing of the transaction data; the verification process remains the sole responsibility of the issuer transaction processor, as in a conventional transaction. This is the only change necessary to the EMV payment processing infrastructure.

EMV-TT has been designed to offer a number of benefits over traditional secure element based mobile contactless payment methods.

Independence

EMV-TT completely removes the MNO and TSM from all parts of the issuance and payment processes. This means that no new parties are required, and complete control is retained over the customer relationship. As part of this independence, costs will be substantially reduced, and any potential conflicts of interest will be eliminated.
Furthermore, this independence also delivers a number of optional enhancements, including loyalty and voucher schemes, targeted marketing, and integration with existing mobile banking applications, which through EMV-TT can provide enhanced services, e.g. payment history and money management features.

EMV Compatible Transactions

No changes are required on the merchant side. Existing EMV compatible contactless terminals can be used to process a virtual-card transaction because the data returned by the EMV-TT virtual card is indistinguishable from that of a secure-element based card (all card differences are embedded in the generation of the application cryptogram).

Payment Scheme Agnostic

EMV-TT does not depend on any particular payment scheme. The solution is fully UKIS compliant, and so both MasterCard and VISA based transactions are supported.

Offline Device, Online Transaction

As a finite number of tokens are cached by the device, the handset does not need to go online to perform a transaction. EMV-TT is therefore suitable in underground locations, or in areas where there is no mobile network coverage. Furthermore, because the transaction itself must be verified online (i.e. the terminal must have a connection, and the device forces an ARQC online-verified transaction), all aspects of the issuer's fraud management systems can be applied to the transactions.

Instant Application Deployment

Secure-element based deployments require a physical process of issuing a SIM-based payment applet, often requiring the consumer to swap their SIM. By virtualising the card, the application can be issued (subject to suitable user and device authentication) via an instant download.
Technical

The following sections describe EMV-TT in detail. Firstly, a description of the overall architecture is presented, which shows how the various components fit together, and how they fit into the banking network. Subsequently, the following three constituent parts are described in further detail:
- Virtual Card: The mobile application components and how they interact with contactless terminals.
- Tokenisation: The fundamental EMV payment building blocks on which the EMV-TT transaction scheme is based.
- Transaction: How an EMV-TT transaction is verified within the banking network.

No Secure Element means independence

EMV-TT allows for a direct relationship with the customer and control over all aspects of the payment technology and any related value-added services. In addition to simplifying the process of issuing and processing payments, this independence enables a direct line of communication with customers, enabling future enhancements such as loyalty platform integration or targeted marketing.
Architecture Overview

[Figure: Architecture overview. Handset Virtual Card, Terminal, Acquirer, Scheme, Transaction Processor and HSM, with the four EMV-TT modules: 1. Virtual Card, 2. Generator, 3. Pre-Processor, 4. Issuance.]

A deployed installation of EMV-TT comprises four main modules:

1. EMV-TT Virtual Card: The virtual card installed on the handset contains cached tokens and other details necessary to handle an EMV transaction request. The card can be integrated into an existing mobile application, or a Proxama solution can be used.

2. EMV-TT Token Generator / Distributor: A token generator manages the number of tokens within the virtual card. The generator can have logic to restrict these tokens, or authenticate the virtual card in various ways. It can also integrate with EMV back-end systems to synchronise with the use of tokens.

3. EMV-TT Pre-Processor: The pre-processor module converts EMV messages within the EMV back-end system. This stage is necessary to convert between tokenised and standard transactions. The pre-processor doesn't contain any information about the card and works completely independently of personalisation details.

4. EMV-TT Issuance: The virtual card details need to be issued within a secure environment, much as they are with secure element based cards. The output of this process is a downloadable virtual card to be loaded onto a mobile handset.

Virtual Card

[Figure: Virtual Card components. Registration API, Registration UI & Process, Static Data, Token Fetch API, and the Mobile Application (Token Fetch, Storage, Card Initialisation, Unit Data Block, Card Emulator, NFC, Payment UI (PIN Entry)), receiving a Token Packet.]

The EMV-TT Virtual Card is a software module capable of performing mobile contactless EMV based transactions. The virtual card capability can be integrated into any mobile banking application, or can be delivered as a stand-alone Proxama wallet solution. From the user's perspective, a single mobile application is downloaded which, once authenticated with back-end servers, can be configured on the fly with their payment card.
From an issuer's perspective, the EMV-TT Virtual Card provides an isolated payment module which can be integrated with any mobile banking application. The EMV-TT solution uses software card emulation, allowing terminal events to arrive and be processed within the mobile application layer, circumventing any secure element on the handset. This means that the NFC-enabled mobile device appears to terminals as a conventional ISO 14443 contactless card, without requiring terminal modifications. Using software card emulation means card personalisation data can be managed within the application layer, which in turn simplifies the issuance process.

The issuance of the EMV-TT Virtual Card remains the responsibility of the financial institution, which retains complete control of the mobile payment wallet, the card and its life cycle.

By using a token-based transaction the risk model is fundamentally changed and the value of any payment data stored on the mobile handset is dramatically reduced. This tokenisation, coupled with modern mobile development techniques, means that it is extremely difficult to steal useful data.
Tokenisation

[Figure: Token generation. The Token Generator combines a Secret, PAN, ATC and Transaction Data to produce a Transaction Token, which feeds the ARQC in the Authorisation Message.]

As described previously, tokenisation is a security model based around individual one-shot packets, which are cryptographically derived from secret information. A token is generated in advance, bound to an individual card account and applied to a single transaction by being an input to a modified ARQC generation technique. Within the authorisation system, the EMV-TT processor modifies the authorisation message, so that the normal EMV verification methods can authorise the transaction. By tokenising the payment in this way, no security-critical information is stored on or deployed to the handset.

Tokens can be cached inside the handset. The exact number and configuration is flexible, and should be calculated considering any other payment risk parameters, but it is expected that three to five tokens would be cached on the device. This allows the consumer to make payments when the phone does not have connectivity, for instance in a tube station or whilst in transit. The ability to make payments when the mobile handset is offline or has limited connectivity constitutes a significant advantage of the solution.

Practically, a token is a 4-byte unique identifier which is a cryptographic product of a number of data fields, detailed in the diagram. This token must be generated in a secure environment, and delivery to the handset must be managed from a token server. Before it can be used within a transaction, the user must enter a passcode to unlock a usable token. The passcode is never stored by the handset. Replay attacks are protected against by using the ATC (Application Transaction Counter) within the token generation, so once a token has been used it can never be used again.

[Figure: Token flow. The Token Server generates Token 1 to Token n for a PAN; the Handset Virtual Card caches Token 1 to Token n; the EMV-TT Processor regenerates the token from the Authorisation Message transaction data (PAN, ATC, ARQC, ...).]
Process

Using EMV-TT, the cryptogram used to verify an online transaction (ARQC) is generated using a modified technique based on the token data. In order to verify this new ARQC, the transaction authorisation data must be modified as part of the transaction processing. Although the token itself is not transmitted, it can be reconstructed using the transaction data delivered by the terminal and a shared secret. This reconstruction process is used by the processor module in order to modify the authorisation message, so that the issuer transaction processor generates the same EMV ARQC as the virtual card and the transaction is verified.

By modifying the authorisation data in this way:
- the EMV-TT pre-processor requires no particular information from the EMV-TT Virtual Card;
- the transaction is protected against repeated use of the same token;
- the transaction is a fully EMV compliant authorisation message both before and after the pre-processor; and
- the PIN is implicitly verified by the transaction processor even though the pre-processor cannot know the PIN.

The solution supports online-authorised transactions only, enabling all aspects of the financial institution's fraud management system to be applied to the transaction.
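The following is an added toy simulation of the token and ARQC flow described in the Tokenisation and Process sections above; it is not Proxama or Cryptomathic code, and the real scheme's derivation is not published in this paper. It assumes the 4-byte token is a truncated HMAC over PAN and ATC under the token server's secret, that the handset's modified ARQC is a MAC keyed only by the one-shot token, and that the pre-processor attaches the regenerated token to the message so the issuer can run its normal cryptogram check and ATC replay check.

```python
import hashlib
import hmac

# Constructed sample secret shared by the token server and the pre-processor; it never reaches the handset.
TOKEN_SERVER_SECRET = bytes.fromhex("000102030405060708090a0b0c0d0e0f")


def derive_token(secret: bytes, pan: str, atc: int) -> bytes:
    """4-byte token bound to one card account and one ATC value (assumed HMAC construction)."""
    return hmac.new(secret, pan.encode() + atc.to_bytes(2, "big"), hashlib.sha256).digest()[:4]


def modified_arqc(token: bytes, txn_data: bytes) -> bytes:
    """Assumed 'modified ARQC': an 8-byte MAC over the terminal data, keyed only by the one-shot token."""
    return hmac.new(token, txn_data, hashlib.sha256).digest()[:8]


def issue_tokens(secret: bytes, pan: str, first_atc: int, count: int) -> dict:
    """Token server: pre-generate `count` tokens for consecutive ATC values (the offline cache)."""
    return {a: derive_token(secret, pan, a) for a in range(first_atc, first_atc + count)}


class VirtualCard:
    """Handset side: a small cache of (ATC, token) pairs and no long-term card key."""

    def __init__(self, pan: str, tokens: dict):
        self.pan, self.tokens = pan, dict(tokens)

    def pay(self, txn_data: bytes):
        if not self.tokens:
            return None  # cache exhausted: the handset must fetch more tokens online first
        atc = min(self.tokens)
        token = self.tokens.pop(atc)  # one-shot: the token is discarded after a single use
        return {"pan": self.pan, "atc": atc, "txn": txn_data, "arqc": modified_arqc(token, txn_data)}


class PreProcessor:
    """Rebuilds the token from terminal data plus the shared secret; holds no per-card personalisation."""

    def __init__(self, secret: bytes):
        self.secret = secret

    def process(self, msg: dict) -> dict:
        return {**msg, "token": derive_token(self.secret, msg["pan"], msg["atc"])}


class IssuerProcessor:
    """Issuer side: standard MAC comparison plus an ATC high-water mark per PAN for replay protection."""

    def __init__(self):
        self.last_atc = {}

    def authorise(self, msg: dict) -> str:
        if msg["atc"] <= self.last_atc.get(msg["pan"], -1):
            return "DECLINED_REPLAY"  # a used token (ATC) can never be accepted again
        if not hmac.compare_digest(modified_arqc(msg["token"], msg["txn"]), msg["arqc"]):
            return "DECLINED_BAD_ARQC"  # token or transaction data does not match
        self.last_atc[msg["pan"]] = msg["atc"]
        return "APPROVED"
```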
Risk Management

EMV-TT provides a number of innovative and configurable risk management tools to allow financial institutions to control their risk and liability in a live product. These features can be configured across an entire financial institution, or fine-tuned down to individual groups of consumers.

Online Transactions

Forcing a transaction online enables the full suite of risk management facilities within the financial institution to be applied to the transaction. Systems such as Lost and Stolen and other fraud management systems work as normal.

Token Delivery

Tokens are delivered to the handsets through a two-factor push and pull method. Unique session keys are delivered through the push, which are used in pulling a token from the server. This mechanism greatly increases the difficulty of capturing any data in transit. When in transit, the tokens are double encrypted: once with the passcode (which makes the token only usable by the user), and once with a key which is different for each handset (which makes the token only usable by a particular handset).

Token Limits

Total control of the number of tokens released to a handset limits the capability to perform repeated transactions, and therefore controls the liability. Cancelling cards is easier with EMV-TT: cancelling the tokens is a simpler and cheaper process than cancelling a card. Locking and unlocking the card is done through token management rather than turning a card off.

Token Pools

In the base product, there is a single Token Pool which comprises a queue of tokens, one of which is used for each transaction. However, the product can be configured to utilize multiple pools, enabling different risk profiles to be applied to different transaction types. For example, the handset could contain:
- Three tokens for low-value (sub £5) transactions. These could be performed without PIN entry.
- One token for a mid-value (£5 to £100) PIN-required transaction.
- No cached tokens for high-value transactions. These would have to be requested before they are used.

The Future

By incorporating EMV-TT into your M-Banking application, it opens up a wide range of integrated services. The tight coupling of the payment applet with the UI application allows wallets to provide a range of features to consumers, financial institutions and merchants.

Meta Data and Tagging Transactions

By adding extra information to the transaction (through the phone network), a financial institution is able to better connect with their consumers. For example, by tagging transactions with location and other information, it will be easier for consumers to identify transactions, reducing the need for expensive statement clarification and creating opportunities for better targeted marketing.

Vouchers and Loyalty

A digital wallet should be able to contain everything your current physical wallet contains. Adding loyalty and rewards information to your consumer's wallet is easier with EMV-TT through simple software updates. Rewards can easily be sent to the handset, allowing the consumer to become more engaged with the financial institution.

Big Data and Targeting

Capturing data about the consumer's interactions with merchants directly and feeding that information into a financial institution's Big Data program enables the targeting of loyalty and rewards to individual consumers based upon behaviour. Information about spending habits and behaviour becomes a valuable asset to any financial institution wishing to strengthen the consumer and merchant relationship.

Innovative & Low Risk User Authentication

The future of user authentication is not limited to simple PINs or passcodes, and new methods such as fingerprint scan and face recognition can be included as and when they become available. TrustZone or other Trusted Execution Environments allow the use of more highly secured user input and credential storage, and this is already available on new devices. Over the next few years these methods could be used as a replacement for, or an augmentation to, passcode entry to lower the risk associated with a transaction.
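As an added illustration (not the product's own code) of the Token Pools configuration described under Risk Management above, the following Python models pool selection by amount band, PIN gating, one-shot consumption of cached tokens, replenishment when the handset is back online, and the resulting worst-case offline liability. The three example bands come from the text; the function names and the liability calculation are assumptions.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class TokenPool:
    name: str
    max_amount: Optional[float]  # upper bound of the amount band (None = no upper bound, i.e. high value)
    capacity: int                # tokens the token server is willing to cache on the handset
    pin_required: bool
    cached: int = 0              # tokens currently held on the handset


def default_pools() -> list:
    """Constructed configuration mirroring the whitepaper's example (amounts in pounds)."""
    return [
        TokenPool("low", 5.0, capacity=3, pin_required=False, cached=3),
        TokenPool("mid", 100.0, capacity=1, pin_required=True, cached=1),
        TokenPool("high", None, capacity=0, pin_required=True, cached=0),
    ]


def select_pool(pools: list, amount: float) -> TokenPool:
    """Pick the first pool whose band covers the amount; pools are ordered by ascending band."""
    for pool in pools:
        if pool.max_amount is None or amount <= pool.max_amount:
            return pool
    raise ValueError("no pool covers amount %.2f" % amount)


def request_token(pools: list, amount: float, pin_entered: bool) -> str:
    """Handset-side decision before a tap: release a cached token, demand a PIN, or go online."""
    pool = select_pool(pools, amount)
    if pool.pin_required and not pin_entered:
        return "PIN_REQUIRED"
    if pool.cached == 0:
        return "FETCH_TOKEN_ONLINE"  # nothing cached for this band: must be requested before use
    pool.cached -= 1  # one-shot token consumed for this transaction
    return "TOKEN_RELEASED"


def replenishment(pools: list) -> dict:
    """Tokens to pull from the token server, per pool, once the handset is back online."""
    return {p.name: p.capacity - p.cached for p in pools if p.cached < p.capacity}


def max_offline_liability(pools: list) -> float:
    """Worst-case value spendable while offline: each cached token times its band's upper bound."""
    return sum(p.cached * p.max_amount for p in pools if p.max_amount is not None)
```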
TEE Hardening

For more risk-averse organizations, additional hardening techniques can be added to the solution. Trusted Execution Environments (TEE), such as TrustZone in ARM based processors, are one technology which Proxama recommend utilizing to provide a stronger layer of protection. Proxama are a platinum partner with Trustonic, an organization providing a TEE environment (<t-base 300) to devices. By utilizing this environment, key components of the solution can be placed into the secure world of the TEE.

A TEE enables the solution to separate normal and sensitive functions. The majority of the application executes in the normal world, containing all the user's other applications and UI modules that are used on a daily basis; alongside this, a reduced set of sensitive core functions are implemented that operate inside the secure OS, thereby increasing the security of the overall application. Proxama design applications that span the secure and normal worlds, hardening the application to prevent malicious attacks on the system.

Trustonic's <t-base can harden several aspects of the solution:
- Secure user authentication can be performed through secure passcode entry: the user's touches on the screen are invisible to any key loggers or attack.
- Secure token storage and manipulation within the TEE.
- Protection of keys used for communication with the token and issuance servers.
- Cryptographic functions can be performed within the TEE.
Pilot Options

The level of back-end payment system integration and realism of any pilot will be dependent on the objectives of the financial institution. Proxama and Cryptomathic will help align client objectives with the various possible options. However, it is suggested that pilots can be broadly categorised into one of three types, outlined below.

Entry Level:
- Fully operational out of the box
- Tokens pre-generated (pre-pay issued)
- No back-end integration
- Suitable for a small number of trusted participants

Mid Level:
- Partial integration with back-end
- Token generation and issuance
- Some back-end pre-processor integration
- Suitable for an extended group of semi-trusted participants

Pre Commercial:
- Fuller integration with existing banking application and back-end
- Token generation and issuance
- Suitable for selected live customers
Cryptomathic is one of the world's leading providers of security software solutions to businesses across a wide range of industry sectors, including banking, government, technology, cloud and mobile. With more than 25 years' experience, Cryptomathic provide systems for ebanking, PKI, ID & epassport, card issuing, advanced key management and managed cryptography.

Proxama is the next generation mobile commerce company that connects the physical and digital worlds. Its technology platforms enable consumers to set up a mobile wallet, receive offers, connect with brands and make payments through their NFC mobile phone. Proxama is an NFC and mobile payments thought-leader and has been developing NFC-based solutions since 2005. Proxama works with card issuers, MNOs, handset manufacturers, brands, agencies and Out of Home media companies to rapidly launch NFC payment services and location based marketing campaigns.

V: 1.6-7/02/14-Special