THE CASE FOR IN-SOURCING EMV



Similar documents
Making Cloud-Based Mobile Payments a Reality with Digital Issuance, Tokenization, and HCE WHITE PAPER

We believe First Data is well positioned to take advantage of all of these trends given the breadth of our solutions and our global operating

Android pay. Frequently asked questions

Transaction Security. Advisory Services

Emerging Trends in the Payment Ecosystem: The Good, the Bad and the Ugly DAN KRAMER

ACI TOKEN MANAGER FOR MOBILE: TOKEN SERVICE PROVISION, HCE AND EMBEDDED SECURE ELEMENT IN THE CLOUD

Payments Transformation - EMV comes to the US

The Adoption of EMV Technology in the U.S. By Dave Ewald Global Industry Sales Consultant Datacard Group

Inside the Mobile Wallet: What It Means for Merchants and Card Issuers

INTRODUCTION AND HISTORY

Mobile Near-Field Communications (NFC) Payments

toast EMV in 2015: How Restaurants Can Prepare for the New Chip-and-Pin Standard

Euronet Software Solutions Integrated Credit Card System Improve your organization s marketability, profitability and revenue

The Impact of Emerging Payment Technologies on Retail and Hospitality Businesses. National Computer Corporation

October 21, Rayburn House Office Building 2302 Rayburn House Office Building Washington, D.C Washington, D.C.

Asian Payment Card Forum

IBM and ACI Worldwide Providing comprehensive, end-to-end electronic payment solutions for retail banking

Latest and Future development of Mobile Payment in Hong Kong

Asian Payment Card Forum Growing the Business: Launching Successful Consumer Payments Products

EMV FAQs for developers

Wayne EMV Solutions. Protect your business with a complete EMV Solution inside and out.

EMV-TT. Now available on Android. White Paper by

Visa Recommended Practices for EMV Chip Implementation in the U.S.

EMP's vision is to be the leading electronic payments processing company in the emerging markets of Africa and the Middle East.

Shifting The Ticketing Paradigm

CANADA VS THE USA - THE CONTRAST AND LESSONS FOR MOBILE PAYMENTS

Transaction Security. Test & Certification and Security Evaluation

A Brand New Checkout Experience

A Brand New Checkout Experience

Changing Consumer Purchasing Patterns. John Mayleben, CPP SVP, Technology and Product Development Michigan Retailers Association

Euronet s Contactless Solution

Payment Technology Deep Dive. October 13, :00 am 8:50 am

Stronger(Security(and( Mobile'Payments'! Dramatically*Faster!and$ Cheaper'to'Implement"

BGS MOBILE PLATFORM HCE AND CLOUD BASED PAYMENTS

How To Protect Your Restaurant From A Data Security Breach

Euronet s EMV Chip Solutions Superior Protection with Enhanced Security against Fraud

2016 OUTLOOK: GLOBAL PAYMENTS

HCE and SIM Secure Element:

Understand the Business Impact of EMV Chip Cards

U.S. Mobile Payments Landscape NCSL Legislative Summit 2013

Friday, June 5, :15 p.m.

We make cards and payments work for people as a part of everyday life. We bring information to life

How Secure are Contactless Payment Systems?

What Issuers Need to Know Top 25 Questions on EMV Chip Cards and Personalization

Contactless Payments. Björn Salomon-Sörensen, Account Director - Swedbank November 11, 2015

Caribbean Electronic Payments

About Visa paywave for mobile

THE FIVE Ws OF EMV BY DAVE EWALD GLOBAL EMV CONSULTANT AND MANAGER DATACARD GROUP

EMV and Restaurants: What you need to know. Mike English. October Executive Director, Product Development Heartland Payment Systems

PCI and EMV Compliance Checkup

EMV FAQs. Contact us at: Visit us online: VancoPayments.com

Preparing for EMV chip card acceptance

Interoute Virtual Data Centre. Hands on cloud control.

Advanced Card Systems Ltd.

Tokenization: FAQs & General Information. BACKGROUND. GENERAL INFORMATION What is Tokenization?

How To Comply With The New Credit Card Chip And Pin Card Standards

A RE T HE U.S. CHIP RULES ENOUGH?

Invigorate Your Mobile Commerce Strategy with Low-Cost Payment Steering

What Merchants Need to Know About EMV

Transaction Security. Training Academy

The Canadian Migration to EMV. Prepared By:

Bringing Mobile Payments to Market for an International Retailer

OVERVIEW OF MOBILE PAYMENT LANDSCAPE

OVERVIEW OF MOBILE PAYMENT LANDSCAPE Marianne Crowe Federal Reserve Bank of Boston NEACH September 10, 2014

Strong data protection. Strategic business value.

Digital Payment Solutions TSYS Enterprise Tokenization:

Integrating payments with EMV: Choosing the right path forward. By Raymond Moorman, Director of Product, EMV Solutions

GLOBAL MOBILE PAYMENT TRANSACTION VALUE IS PREDICTED TO REACH USD 721 BILLION BY MasterCard M/Chip Mobile Solution

Mobile Payments in the Cloud

Secure Financial Transactions Any Time, Any Place

Opinion piece. The mobile wallet already exists! It s called mobile banking. By Simon Cadbury Head of Strategy & Innovation Intelligent Environments

KEEPING PACE WITH MOBILE PAYMENT

FAQ EMV. EMV Overview

Practically Thinking: What Small Merchants Should Know about EMV

EMV: Preparing for the shift

Introductions 1 min 4

The EMV Readiness. Collis America. Guy Berg President, Collis America

Flexible and secure. acceo tender retail. payment solution. tender-retail.acceo.com

Position Paper. issuers. how to leverage EC s regulation proposal. on interchange fees for card-based payment transactions

American Express Contactless Payments

OpenEdge Research & Development Group April 2015

MOBILE NEAR-FIELD COMMUNICATIONS (NFC) PAYMENTS

Payment Services. Issuing Processing. Product & Service Portfolio for Retailers

U.S. Smart Card Migration: Stripe to EMV Claudia Swendseid, Federal Reserve Bank of Minneapolis Terry Dooley, SHAZAM Kristine Oberg, Elavon

Getting in the mobile game

HCE, Apple Pay The shock of simplifying the NFC? paper

EESTEL. Association of European Experts in E-Transactions Systems. Apple iphone 6, Apple Pay, What else? EESTEL White Paper.

Apple Pay. Frequently Asked Questions UK Launch

How To Plan For A Mobile Payment System

the region s leading payments company

Apple Pay. Frequently Asked Questions UK

A Solution to the Mobile Wallet Conundrum

The New Mobile Payment Landscape. July 2015

International Processing for the Financial Industry

The future of contactless mobile payment: with or without Secure Element?

NEWSLETTER PAX TECHNOLOGY. March Your Payment Partner of Choice

NEWS BULLETIN

Your Reference Guide to EMV Integration: Understanding the Liability Shift

Position Paper - Acquirers. acquire. maximum business advantage. from new EU Regulation on interchange. fees for card-based payment transactions

Visa Easy Payment Service. Merchant Best Practices

Transcription:

THE CASE FOR IN-SOURCING EMV ISSUING, PROCESSING AND SHAPING YOUR MOBILE PAYMENTS DESTINY PROXAMA.COM Copyright Proxama 2016

THE CASE FOR IN-SOURCING EMV Date Author May 2016 Nigel Beatty Vice President of Business Development at Proxama PROXAMA.COM Copyright Proxama 2016

Introduction The move to EMV in the US has shifted the dynamics of card issuing and the other activities within the card payments business. Things were easier back in the days of magnetic stripe cards an issuing bank or credit union had to give little thought, if any, to the content of the mag stripe and the information embossed on the card; it was all standard and it was all simple. The biggest headache was getting a new card s artwork approved. It s a different story with EMV cards. Getting the right information and settings into an EMV chip and then processing the data that s created when that chip card makes a purchase introduces a quantum leap in complexity. So it s not surprising that many card issuers took the path of least resistance to comply with card network requirements and to avoid the liability shift. That most often meant outsourcing card production to a bureau or processor, and either using an existing processor s EMV transaction processing upgrade or delegating EMV authentication to the networks. While that can be a convenient approach with a short time to market, there are downsides over the longer term, especially when it comes to extending your product offering to mobile payment, both to meet your customers demands and reap the rewards that the mobile platform promises. Here we spell out the advantages of in-house processing, of bringing outsourced or delegated processing back in-house, and how an integrated approach to physical and digital card issuing and processing will deliver cost savings and hand you back control of your digital destiny. 3

The EMV Challenge With margins falling and costs increasing, migrating the US payment card business to the EMV standard was probably the last thing the industry wanted. But with the US rapidly becoming the focus of global card fraud displaced from other territories by EMV and other fraud prevention strategies, that move was inevitable. The benefit of greater convenience for international travelers was hailed as justification, although in reality this was a by-product. As Proxama described in its well-received webinar of May 2015 EMV The Stepping Stone To Mobile *, the real goal being pursued by the international card networks was the establishment of an EMV-compliant, contactless acceptance infrastructure (i.e. NFC-capable POS terminals), an essential precursor to the introduction of NFC-based mobile payments. The extra incentives offered to merchants and acquirers to deploy contactless terminals confirm this. That was of small comfort to card issuers who now faced the challenge of migrating their cardbases to the EMV standard within the liability shift deadlines imposed by the networks. Their choices, to an extent defined by their existing operations, were limited. For card production, those with in-house card printing facilities confined mostly to Tier 1 banks and other high-volume issuers could acquire an EMV data preparation and key management solution and integrate this into their existing operation, together with personalization machine upgrades for writing to EMV chips. Or they could elect to perform EMV data preparation in-house and feed EMV perso data out to one or more perso bureaus the route chosen, for example, by Proxama customer Navy Federal Credit Union for their debit portfolio. The majority of issuers, however, who had pre-existing relationships with card bureaus and/or processors, simply outsourced EMV data prep and key management to those partners a relatively quick and cost-effective short-term tactic. With EMV transaction processing, specifically the verification of new security and other information in authorization messages that confirms the authenticity of the card, small and medium issuers choices were similarly constrained. The natural route for issuers with outsourced authorization was to accept the EMV extensions introduced by their processor or service provider. Those with third-party in-house authorization systems could take their vendor s EMV upgrade, usually requiring migration to the latest product release with the consequent (and costly) retro-fitting of customizations and end-to-end regression testing, while those with home-grown authorization systems could design and build their own upgrades; a risky and complex approach given the scarcity of EMV expertise in the industry. With the exception of those that deployed Proxama s EMV Transaction Manager, the only independent cross-platform EMV transaction processing extension in the market (as selected by Fiserv Inc. across all their auth platforms), the only remaining option for in-house processors was to delegate EMV authentication to the on-behalf-of services offered by the card networks. * https://www.youtube.com/watch?v=i39uulip7_k 4

Short Term Gain, Long Term Pain Outsourced and on-behalf-of (OBO) EMV solutions for issuing and processing have the short-term advantages of low start-up costs and relatively quick launch times, but come with medium-to-long term downsides. Some or all of these may apply to an issuing organization: Product differentiation outsourced and OBO services require you to fit with the service offered rather than the service being specified by you to meet your customers needs, or even tailored for you; Security using outsourced or OBO services entails delegating the creation (and therefore ownership) or the sharing with external third parties of critical business security assets the EMV Master Keys that guarantee the integrity of your cards and their transactions; Time-to-market as the client of a service provider rather than the owner of the service provided, you ll take your place in line for the development and launch of new products and services behind larger clients with more influence; Cost start-up costs of outsourced, and particularly of OBO services, may be attractive, but as volumes grow and a greater proportion of cards and transactions move to EMV, those costs start to spiral; Lock-in once in a dependent relationship with a service provider, it can be complex and costly to extricate yourself, and the longer it continues, the harder it becomes and the less resilient you can be when faced with the cost increases that will inevitably follow. These are good reasons in themselves to plan strategically for in-house EMV card data preparation and transaction authentication, even if your initial deployment is outsourced. As we ll discuss below, the case becomes overwhelming when the move to mobile payments is considered. 5

How do Issuers Move to Mobile? Despite the card networks Grand Plans for ensuring NFC mobile payments based on contactless EMV adoption used their network rails, certain third parties threw a wrench in the works with the launch of Apple Pay, the announcement of Android Pay and the other open-loop X-Pay models. While the card networks had effectively cut mobile telcos out of the value chain with the adoption of Host Card Emulation (HCE) as their preferred technology, the power and influence of the digital giants caused a re-think that has led to the current fragmented picture in the NFC mobile payment marketplace. One can imagine that the threats represented by the digital giants ability to do something even more disruptive were real enough to guarantee the card networks cooperation in the X-Pay models that we have today. Nevertheless, the X-Pays provided a relatively quick and minimally disruptive route for issuers to offer mobile payments to their customers, but with a similar set of constraints to those we see in the physical card outsourcing and OBO markets. However, the current X-Pay models take this further by prescribing the channels that issuers must use to access these services the mobile provisioning and tokenization services operated by the card networks themselves. The knock-on effect is that all transaction traffic generated by the X-Pays has to flow through and be processed by the OBO services within the network rails. Slam-dunk? Market sewn up? Maybe not. HCE, in its new guise of Cloud Based Payments (CBP) is still out there and issuers are beginning to recognize the appeal of a mobile payment model that does not restrict choice and require dependency on a cabal of service providers (see Lock-in above) as a condition of access. CBP can be operated by an issuer or processor independently of the card networks OBO services and even their network rails, as tokenization and provisioning, and transaction processing and authentication can all be performed in-house. The benefits are clear: Cost the networks have announced that tokenization services are free so far so good, but as with OBO services, there is a fee for authenticating each transaction and, where card numbers are tokenized, for de-tokenizing transactions to enable processing in the issuer s authorization system (and free today does not mean free tomorrow); with CBP the costs are predictable and under the issuer s control; Differentiation the debate over digital wallets, who owns them and what can be stored in them has largely died down, and the X-Pays have closed down further debate by providing no choice Apple Pay works exclusively in Apple Wallet, Android Pay works in Google Wallet etc.; with CBP a mobile payment SDK can be integrated with an app of the issuer s choosing, allowing a mobile banking app, for example, to be enabled for mobile payment, driving customer usage and stickiness in the issuer-customer relationship; Control risk management based on CBP usage is implemented in-house and can be tailored to the issuer s own fraud and risk policies, which can control how the payment app is managed, potentially integrating novel features such as customer messaging that are not supported in the X-Pay models; Security all key management and cryptographic processing is performed in-house; no keys or other security assets need be shared with third parties; Network independence with no OBO processes being performed within any networks, transactions for international and domestic card brands can be routed over networks of acquirers and issuers choosing, resulting in lower network costs. 6

In-House EMV Delivers Card and Mobile Benefits Offering mobile payment services to customers should not need a fundamental change in issuing and authorization processes. Whether a card is physical or digital, tokenized or not, can all be driven from the same platform. If, as an issuer, your issuing and processing services are outsourced to a service provider and/or delegated to one or more card networks, the combined benefits of in-house card and mobile operation will provide a rapid return on investment. Proxama s Digital Enablement Platform is a self-contained solution for EMV card and CBP mobile payments that can be delivered as components or as a software appliance, and is easily integrated into an existing back office infrastructure. Proxama DEP is based on our core EMV processing components as deployed by Fiserv and Navy Federal CU for their EMV card operations, and adds an EMVCo-compliant Token Server, HCE-specific credential management and a certified HCE mobile payment SDK to provide an end-to-end solution. There s more; industry and regulator pressure will mean that over time, the X-Pays will open their channels to third-party and individual issuer tokenization and provisioning services. Proxama DEP has been architected to provide access to these channels when they become available, delivering to issuers and processors the ability to manage physical cards, cloud based payments and X-Pay models from a single platform, with on-going compliance and compatibility guaranteed by Proxama. We have demonstrated for many customers that there is a positive business case for in-sourcing EMV card issuing and processing and we have case studies that back this up. Contact us today to find out how your business will benefit from taking control of your card and digital destiny. 7

Proxama is a global payments and proximity marketing software business based in London, with offices in New York and representation around the world. Our legacy reaches back to the origins of EMV in Europe and we have been helping card issuing businesses migrate to EMV for more than ten years. We have customers in the US, Europe, Africa, Middle East and Asia and our solutions are responsible for the issuance and management of hundreds of millions of EMV cards. Our EMV heritage now positions us to be a leader in NFC mobile payments with solutions based on our proven industrial-strength software components for physical and digital card issuing, tokenization, credential management and transaction processing. About the Author Nigel Beatty has over 30 years experience in the card payments business and is a recognized expert and thought-leader on smart card and EMV implementation. In addition to serving with a number of blue-chip card issuers, Nigel held the post of Technical Manager of Switch, the UK s national debit card scheme and was responsible for its migration to EMV. Nigel was also Programme Manager for the introduction of EMV cards into Hong Kong. Nigel was with Aconite for over 10 years prior to its recent acquisition by Proxama, and is now responsible for global business development, with particular focus on the United States. www.proxama.com hellopayments@proxama.com US +1 646 931 0870 UK +44 (0)203 688 2888

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information