EMV Migration Economics - Comparing Native and MULTOS smart card choices




1 Introduction

As a result of growing losses caused by various kinds of credit card fraud, and with the expanding possibilities for making payments over open networks such as the Internet, the card issuing associations such as MasterCard and Visa have been working to develop more secure payment solutions. The standard developed and agreed by these associations for reducing fraud related to the copying of magnetic stripes and card counterfeiting was the "EMV" standard for debit and credit smart cards. MasterCard and Visa are now working with member banks and merchants to migrate to "chip", and since January 2005 the liability for fraudulent transactions has shifted to the non-chip-accepting party in most regions.

In many markets, the cost of EMV migration outweighs the cost of the fraud it will prevent, so some issuers are looking for ways in which the migration to chip can add value to their card programmes. Multi-application smart cards based on open standards often form part of this strategy, since they enable card issuers to combine packages of applications on one card that match the lifestyle of their cardholders, thereby enhancing the value of the card to the consumer, increasing his spend using the preferred card, and improving customer retention. However, multi-application smart card projects are sometimes perceived as being complex and expensive to implement.

This paper demonstrates that a new alternative now exists, in the form of MULTOS step/one, which offers issuers all the supply chain management benefits of open standard smart cards, plus limited multi-application capability, at prices competitive with native cards.

2 EMV Options

2.1 Card Association EMV Specifications

Today financial card issuers all over the globe are either executing or planning their EMV chip migration. In the case of MasterCard members, the EMV specification with which they must comply is M/Chip. In the case of Visa this specification is Visa Smart Debit Credit (VSDC). In addition, both American Express and JCB have defined their own versions of an EMV specification; in the case of JCB this is called J-Smart.

2.2 Static vs Dynamic Data Authentication

EMV terminals need to be able to authenticate that the EMV transaction data generated by the card is genuine. This can be performed without the terminal needing to go on-line, using Static Data Authentication (SDA) or Dynamic Data

Authentication (DDA). In the case of SDA, the same digital signature is used by the card to authenticate itself each time an offline transaction takes place. This means that it may be possible to copy that card's data and create a duplicate card using programmable smart cards. Cloned SDA cards cannot be blocked if they are used in off-line terminals, but can be detected as soon as the terminal goes on-line. For this reason the threat of SDA card cloning is judged to be a lesser threat than that posed by the current magnetic stripe technology. SDA is the most common deployment of EMV smart cards to date, since SDA cards do not require RSA cryptographic support in the chip and so are less expensive.

The solution recommended for greater security is Dynamic Data Authentication, because it protects against the cloning of chip cards and against so-called "replay attacks". A DDA terminal can dynamically authenticate off-line that a DDA card is genuine by sending a challenge to the card, which is processed by the card's RSA co-processor and responded to. The disadvantage of DDA is that the requirement for an RSA co-processor makes the smart card more expensive than a simple SDA card. Both MasterCard and Visa have defined EMV smart card implementation options for DDA and SDA.

3 Native vs Open Standard Card Issuance

The cost of introducing EMV smart cards and acceptance infrastructure is a major investment, which may initially cost more than the current cost of magnetic stripe card fraud. For this reason, many issuers try to generate other revenue streams from smart card and terminal deployment by adding other value-added applications such as Authentication, Electronic Purse, Ticketing or Loyalty.
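As an added illustration of section 2.2 (not part of the original paper), the following Python model contrasts what an off-line terminal can check under SDA and under DDA. The RSA keys, SHA-256 and the simplified message layouts are assumptions for the toy, not the EMV certificate formats or key sizes.

```python
"""Toy model of EMV offline card authentication: SDA versus DDA.

Constructed for illustration: textbook RSA over Mersenne-prime moduli and SHA-256,
not the real EMV formats. It shows why an off-line terminal cannot distinguish a
replayed (copied) SDA response from the genuine card, while a DDA response is
bound to the terminal's fresh challenge."""
import hashlib
import secrets

E = 65537  # RSA public exponent


def make_keypair(p, q):
    """Textbook RSA key pair from two primes: returns (public, private)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # modular inverse (Python 3.8+)
    return (n, E), (n, d)


def _digest(data, n):
    # Hash the data and reduce it into the range of the RSA modulus.
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(priv, data):
    n, d = priv
    return pow(_digest(data, n), d, n)


def verify(pub, data, sig):
    n, e = pub
    return pow(sig, e, n) == _digest(data, n)


def pub_bytes(pub):
    n, e = pub
    return n.to_bytes(32, "big") + e.to_bytes(4, "big")


# Constructed toy keys (Mersenne primes): the issuer key that the terminal trusts
# (via the scheme CA in real EMV) and the ICC key that only a DDA card carries.
ISSUER_PUB, ISSUER_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
ICC_PUB, ICC_PRIV = make_keypair(2**107 - 1, 2**127 - 1)

# Constructed static card data with a placeholder PAN (not a real account).
STATIC_DATA = b"PAN=5400000000000000;EXP=0912;AIP=offline-auth"


class SdaCard:
    """SDA card: carries the issuer's signature over its static data (SSAD)."""

    def __init__(self, static_data):
        self.static_data = static_data
        self.ssad = sign(ISSUER_PRIV, static_data)  # created once at personalisation

    def respond(self, unpredictable_number):
        # The terminal challenge is ignored: every transaction returns the same bytes,
        # so a copy of the card's readable data reproduces this response exactly.
        return {"static_data": self.static_data, "ssad": self.ssad}


class DdaCard:
    """DDA card: issuer-certified ICC public key plus a private key that never leaves the chip."""

    def __init__(self, static_data):
        self.static_data = static_data
        self.icc_pub = ICC_PUB
        self.icc_cert = sign(ISSUER_PRIV, static_data + pub_bytes(ICC_PUB))
        self._icc_priv = ICC_PRIV

    def respond(self, unpredictable_number):
        # INTERNAL AUTHENTICATE: sign the terminal's challenge with the on-card RSA key.
        icc_dynamic_number = secrets.token_bytes(8)
        sdad = sign(self._icc_priv, icc_dynamic_number + unpredictable_number)
        return {"static_data": self.static_data, "icc_pub": self.icc_pub,
                "icc_cert": self.icc_cert, "icc_dn": icc_dynamic_number, "sdad": sdad}


def terminal_sda_check(response, unpredictable_number):
    """Off-line SDA: only the issuer signature over the static data can be checked."""
    return verify(ISSUER_PUB, response["static_data"], response["ssad"])


def terminal_dda_check(response, unpredictable_number):
    """Off-line DDA: check the ICC certificate, then that the signature covers our challenge."""
    pub = response["icc_pub"]
    cert_ok = verify(ISSUER_PUB, response["static_data"] + pub_bytes(pub), response["icc_cert"])
    dyn_ok = verify(pub, response["icc_dn"] + unpredictable_number, response["sdad"])
    return cert_ok and dyn_ok


def run_transaction(card, check, replayed=None):
    """One off-line transaction; `replayed` feeds the terminal an earlier captured response."""
    unpredictable_number = secrets.token_bytes(4)
    response = replayed if replayed is not None else card.respond(unpredictable_number)
    return check(response, unpredictable_number), response


def demo():
    sda, dda = SdaCard(STATIC_DATA), DdaCard(STATIC_DATA)
    sda_ok, sda_resp = run_transaction(sda, terminal_sda_check)
    dda_ok, dda_resp = run_transaction(dda, terminal_dda_check)
    # Present the captured responses again in a second, independent transaction.
    sda_replay_ok, _ = run_transaction(sda, terminal_sda_check, replayed=sda_resp)
    dda_replay_ok, _ = run_transaction(dda, terminal_dda_check, replayed=dda_resp)
    return {"sda_genuine": sda_ok, "dda_genuine": dda_ok,
            "sda_replay_accepted": sda_replay_ok, "dda_replay_accepted": dda_replay_ok}


if __name__ == "__main__":
    print(demo())
```

The SDA replay is accepted because nothing in the response depends on the transaction, which is exactly why the paper says cloned SDA cards are only caught once the terminal goes on-line; the DDA replay fails because the terminal's unpredictable number is different each time.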
The benefit of multiple applications on one card is that, if the applications add convenience or other benefits for the cardholder, or enable the cardholder to carry fewer cards in his wallet, the card becomes more valued by the cardholder, promoting usage of the "top of wallet" card and hence generating greater transaction revenue for the issuer of the payment application(s).

3.1 Fixed (Single) Application Native Cards

Single-application EMV SDA smart cards based on chips with a small (2-4 kB) E2P memory and no RSA co-processor, employing native operating systems, are sufficient to comply with the minimum requirements of EMV. Native EMV products are supplied by a limited number of smart card companies around the world who have the skills necessary to develop an EMV smart card application in native code (i.e. languages that are specific to a particular silicon chip). This code is fixed in the Read Only Memory of the chip, and cannot be changed after the chip is manufactured. See figure:

[Figure: two native cards. Chip Hardware A runs Proprietary OS A with native EMV code and its data in E2; Chip Hardware B runs Proprietary OS B with native EMV and Loyalty code and their data in E2.]

The benefit of this is that the cost of the chip card is kept to a minimum. The disadvantage is that the cards are unable to have their functionality changed or to support other applications unless those too are developed in native code and masked in, which can take considerable time and cost to get security approved; and the product itself is proprietary to a particular smart card manufacturer, so changing card supplier may have an impact on the issuer's card personalisation arrangements.

3.2 Open Standard / Multi-Application Cards

The alternative is the open standard, multi-application smart card. An open standard card such as MULTOS or JavaCard is able to load and execute an application's software on its virtual machine in a standard manner, and can therefore be available in interoperable versions from many different suppliers. Also, instead of the EMV application or other applications being coded in native code and burned into the chip at manufacture, the applications are loaded into the programmable chip memory (E2P) at personalisation, and so can be changed or added to during the life of the card. See figure:

[Figure: two open standard cards. Chip A holds EMV, PKI, Application A and Application B in E2PROM; Chip B holds EMV, PKI and Application A in E2PROM. On both, the applications sit above the MULTOS / JavaCard API, the MULTOS / JavaCard Virtual Machine and the Vendor / MULTOS OS.]

3.3 Introducing MULTOS

MULTOS is the world's leading open standard multi-application smart card operating system* (*JavaCard defines an API and Virtual Machine, but not a complete operating system). The MULTOS specifications define a complete end-to-end architecture: the MULTOS Application Abstract (or Virtual) Machine (AAM), Application Programming Interface (API) and Operating System, which includes the mechanism for initialising chips, managing the secure loading and deleting of applications in E2P, and the application firewall security mechanisms, all of which must be implemented to a security assurance level capable of achieving ITSEC E6 High (the highest possible security assurance rating for IT products).

The following diagram shows the structure of a MULTOS card.

3.3.1 Defining Open Standards

The term "open standards" can be interpreted in different ways. Open standards are enshrined in the MULTOS proposition as follows:

3.3.1.1 Open Application Development

The API for developing new applications is freely available. Applications can be developed in a variety of languages, ranging from C and Java to low level assembler (MULTOS Executable Language, or MEL) and compiled to run on any MULTOS type approved device:

[Figure: a MEL editor, a C compiler and a Java compiler / translator each produce one application, which runs unchanged on MULTOS Renesas, MULTOS Infineon and MULTOS Samsung devices.]

3.3.1.2 Open Application Personalisation and Loading

The specifications for creating so-called Application Load Units, consisting of the application code and data to be loaded to a MULTOS card using a high security mechanism, are freely available, so multiple products have been developed to perform data preparation and loading of MULTOS applications.

3.3.1.3 Open Governance of MULTOS Specifications by MAOSCO

The MULTOS specifications are governed by MAOSCO, the Multi-application Operating System Consortium, a consortium of companies who manage the further development of the MULTOS specification in an open and democratic manner:

[Figure: The MAOSCO Consortium]

4 Benefits of MULTOS vs Proprietary Smart Cards

4.1 Faster Time to Market with New Applications for Consumers

4.1.1 Faster application development and deployment

First of all, many software development companies, and even card issuers, have procured a Smart Card Application Development Tool for MULTOS and, using standard languages such as C or Java, have been able to develop their own applications for MULTOS quickly. With open standard cards, the applications on the cards do not have to be developed by the operating system developer. As a result, applications can be prototyped on MULTOS in a matter of days (or even hours in some cases).

Secondly, a large number of applications for MULTOS cards have already been developed and are available off the shelf from independent application providers. A selection of existing MULTOS applications is shown in the table below:

Payment Applications
EMV applications available for all MULTOS devices:
- MasterCard M/Chip 4 Lite & Select in all configurations, including:
  o Chip Authentication (CAP)
  o Pre-Authorised Debit
  o PayPass
- MasterCard M/Chip 2 Lite & Select
- Visa VSDC 1.4 SDA & DDA
- Amex EMV SDA & DDA
- JCB J-Smart SDA & DDA
- Common Payment Application, due for release Q4 2006
Additional payment applications: Bo, FISC, Moneo, K-Cash, SEED, T-MONEY

Off the Shelf Applications
- Single Sign On applications: IdentiPhi, SCB Solutions
- PKI applications: Advanced Encryption Technologies, PIV (StepNexus), Keycorp, Smartcon
- Biometric applications: Precise Biometrics Fingerprint Match On Card, Hitachi Fingervein Match On Card, Cogent Fingerprint Matching
- Data Storage and Loyalty: MasterCard Open Data Storage (MODS), MulteFile (ecebs), Multi-pockets (DNP), ISO Files (Keycorp), Welcome Realtime, Cassis loyalty and many more
- GSM & Transit: SIM, USIM, ITSO, Mifare, KCG

4.1.2 Faster route for type approval of EMV and other applications against Payment Scheme certification requirements

Issuers and vendors also need to take into consideration the certification requirements laid down by the payment card schemes for EMV and other applications residing on the EMV card. To give an example, MasterCard's CAST (Compliance and Assessment Security Testing) process requires the EMV application to pass an implementation review or a Common Criteria evaluation. In addition, any additional non-EMV applications must be tested to ensure that they have no impact on the EMV application (implementation review or firewall testing) and that the non-EMV application itself cannot be easily compromised (risk assessment). Implementation reviews / firewall testing and risk assessments have to be carried out by recognised test laboratories, who charge for their services. But in the case of type approved and security evaluated MULTOS devices, the implementation reviews / firewall testing are not necessary, because the M/Chip EMV application is already supplied as a CAST approved application, and the MULTOS ITSEC E6 High firewalls already guarantee that additional applications cannot affect the EMV application. So MULTOS is the most cost effective solution for enabling issuers to deploy EMV cards with one or more additional applications.

MasterCard CAST Policy trusts MULTOS:

CAST requirement: CAST of M/Chip application and chip OS / hardware
  Native:   Required
  JavaCard: Required (chip & OS CAST, and M/Chip 4 supplied CAST and EAL4+ evaluated)
  MULTOS:   Not required; CAST approved (M/Chip 4 supplied by MAOSCO, CAST and EAL4+ evaluated)

CAST requirement: CAST of value added applications' impact on M/Chip application (firewall testing)
  Native:   Required per app and chip combination
  JavaCard: Required per app and chip combination
  MULTOS:   Not required (MULTOS firewalls ITSEC E6 High / EAL4+ evaluated)

CAST requirement: CAST of value added applications risk assessment (is the application fit for purpose?)
  Native:   Required per app and chip combination
  JavaCard: Required per app and chip combination
  MULTOS:   Required once per app, valid on any platform

[Figure: three card stacks. Native: native M/Chip code and native Loyalty code with their app data in E2 over a native OS on a specific chip. JavaCard: M/Chip, PKI and Application A in E2P over the JavaCard API, JavaCard Virtual Machine and Vendor OS on a specific chip. MULTOS: M/Chip, PKI and Application A in E2P over the MULTOS API and MULTOS VM on any MULTOS chip.]

4.2 Continuity of Supply

For some consumers, their credit or debit card is an essential tool for their business or personal life, as it enables them to pay for goods and services when travelling on business or for pleasure, or if they do not have time to go to a bank branch during opening hours to withdraw cash. Hence, if a consumer loses their card, or if it is

stolen, it is essential that the card can be replaced quickly. For this reason, financial institutions place significant value on the ability to maintain continuity of supply of their payment card products. Ensuring smooth supply of cards based on magnetic stripe technology has become relatively simple for issuers to manage, since nearly all card manufacturers (about one hundred around the world) can supply a card compliant with the relevant standards, and the equipment for personalising magnetic stripe cards is relatively easy to install and run. So if one supplier was not able to meet the deadlines demanded by the card issuer, a back-up supplier of cards or personalisation services could easily be activated at short notice. However, with the move to EMV, the number of suppliers who can supply products that are fully compliant with the relevant EMV chip standards is drastically reduced. Furthermore, the cost for an issuer to install his own chip data preparation and personalisation equipment is significantly higher, and the equipment more complex, than for magnetic stripe, making more issuers reliant on outsourced data preparation and perso services.

4.2.1 EMV Chip Data Preparation

Therefore an issuer who wishes to ensure a smooth supply of cards to cardholders has to choose between making an expensive investment in systems, machinery and expertise, or outsourcing chip card data preparation and / or personalisation to a local personalisation bureau or to the chip card manufacturer themselves. The decision the issuer takes will depend on a number of factors. As far as EMV chip data preparation is concerned, an issuer who wishes to maintain in-house control of the EMV Issuer keys used to derive the EMV chip data will have to invest in a data preparation system capable of securely hosting keys and preparing chip data. Various suppliers of such systems exist. Generically these systems are referred to as P3, or Personalisation Preparation Process, systems. An issuer could outsource this element of data preparation to the card personalisation bureau, but this means that the issuer must trust the bureau and be contractually tied to use that bureau's personalisation services. If an issuer wished to use the services of two or more personalisation bureaux, in order to ensure a backed-up supply chain for card issuance, the most flexible solution would be for the issuer to host his own P3.

4.2.2 Multi-sourcing EMV Chip Card Personalisation: Native Cards

If the issuer wishes to have a second source of supply for EMV card manufacture, and wishes card vendor B's bureau to personalise native cards from card vendor A, there will be a cost incurred by card vendor B's bureau to adapt their systems to support initialisation of the smart card from card vendor A, a cost which is likely to be passed on to the card issuer. As in the in-house scenario, each additional application supported will also require changes to the personalisation software system for each native card vendor that the card issuer purchases chip cards from. See figure:

[Figure: native card supply chain. Chip supplier (Chip X, Chip Y, Chip Z); card manufacture and embedding (Card Vendor A, Card Vendor B, Card Vendor C); native card perso at Vendor A's and Vendor B's perso bureaux, with an extra cost ($$) each time a bureau must support another vendor's card.]

4.2.3 Multi-sourcing EMV Chip Card Personalisation: Open Standard Multi-Application Cards

The aim of "open standard" multi-application smart card platforms is to define standard interfaces for application development, platform security and loading of applications. Whilst more than one open standard for multi-application smart cards exists, MULTOS is the only one today that has a detailed enough specification and an enforced type approval procedure to guarantee that multiple MULTOS chip products can be supported in a card personalisation system without any changes whatsoever to the chip personalisation software if the card issuer multi-sources or switches silicon chip, embedding or personalisation centre. It is thanks to the end-to-end interoperability of MULTOS products that the smart card supply chain is made easier to manage and less expensive to implement. See figure:

[Figure: MULTOS card supply chain. Chip supplier (MULTOS Chip X, MULTOS Chip Y, MULTOS Chip Z); card manufacture and embedding (Card Vendor A, Card Vendor B, Card Vendor C); a MULTOS App Loader at a local bureau or the issuer's bureau, fed by the issuer's application(s) data prep and by 3rd party applications.]

Because of the standard MULTOS application loading interface, regardless of the MULTOS chip card or embedding supplier, if the card issuer wishes to add a new application, the software to personalise the application only needs to be developed once, and it will work with any MULTOS chip. Whether it is the card issuer who personalises his own cards or a third party bureau, maintaining back-up sources of supply is easier to manage and requires no additional personalisation software development if multiple chip sources are being used.

This is because MULTOS is unique in that MULTOS applications can be personalised in advance, as part of the data preparation process, and then sent as a file to any bureau that has a standard MULTOS Application Loader capability. This process is what gives issuers maximum flexibility and control over the speed at which they add new smart card applications to their offering, since if they control the data preparation process, introducing new applications has minimal impact on the rest of the supply chain.

4.3 Introducing MULTOS step/one

For many financial institutions facing EMV migration for credit and debit cards, the imperative is rapid deployment at the lowest possible cost. These organisations are usually undertaking their first smart card project, and the infrastructure and support investments often drive them towards the lowest cost smart cards. MULTOS step/one is based on the MULTOS specification but engineered for an entry level issuer who is prepared to limit card options and some functionality. Focused on static data authentication (SDA) profile EMV cards, MULTOS step/one provides a multi-application secure smart card platform with reduced infrastructure demands, yet incorporating all of the heritage and experience of MULTOS. MULTOS step/one ensures that issuers' infrastructure, data preparation systems and personalisation investments can be built upon in the future to accommodate dynamic data authentication (DDA) through MULTOS, with no significant changes. MULTOS step/one also allows a more flexible approach to security evaluation, providing a framework to support a range of approaches. With its focus on rapid issuance, MULTOS heritage and sustainable infrastructure investment, MULTOS step/one provides a unique entry level solution to EMV migration.

Introducing MULTOS step/one: WHAT'S DIFFERENT?
- TARGETED at limited functionality SDA EMV migration.
- The specification defines a symmetric key based application loading mechanism, allowing use of smaller DES-only chips. Hence there is no requirement for a MULTOS KMA: symmetric key enablement data and certificates are generated by standard data preparation products.
- The entire code and fixed data of core applications such as M/Chip & MODS are held in ROM, allowing use of less expensive <4KB E2P chips.
- Competitive with proprietary cards.

WHAT'S THE SAME AS MULTOS?
- Multi-sourceable: still MAOSCO type approved.
- Open standard: still develop in C or Java, compile for one MULTOS chip, and run on another.
- Will run any existing MULTOS app (non-RSA).

BENEFIT FROM OPEN STANDARDS IN THE SDA STAGE OF EMV MIGRATION, AND PROTECT INVESTMENT ON TRANSITION TO DDA AND MULTI-APP.

[Figure: the same M/Chip 4 data, MODS data and "My App" in E2 over the MULTOS API and MULTOS VM, shown on a 4K E2 Infineon DES chip (MULTOS step/one) and on a 32K E2 Renesas RSA chip (MULTOS).]

The advantage of MULTOS step/one is that it offers all the advantages of MULTOS (for non-RSA applications) at a cost competitive with native cards.

5 MULTOS Solutions for EMV Migration

5.1 EMV Debit / Credit Applications

5.1.1 M/Chip 4 for MULTOS

M/Chip 4 is MasterCard's latest version of M/Chip. M/Chip 4 for MULTOS is a fully M/Chip 4 (Lite and Select) compliant EMV application, available off the shelf from MasterCard and licensed to vendors. The features of M/Chip 4 for MULTOS are as follows:
- M/Chip 4 for MULTOS can be configured to support the following MasterCard products: MasterCard Credit, Maestro Debit, Cirrus ATM, MasterCard Chip Authentication Programme, MasterCard Pre-Authorised.
- M/Chip 4 for MULTOS can be configured to support the Lite (SDA) profile or the Select (DDA/CDA) profile (fully EMV 2000 compliant).
- The Select configuration supports enciphered or plaintext PIN.
- All card risk management parameters can be changed post issuance.
- Card Block and Application Block/Unblock are supported.
- Supports currency conversion.
- Card risk management velocity checking.
- The M/Chip 4 application code can be loaded into E2P (4 kB), but is codeletised in ROM in all the latest MULTOS masks, including MULTOS step/one. Application data occupies under 2.5 kB in E2P.
- Evaluated to EAL4+ / CAST approved.
- Supplied with the M/Chip 4 for MULTOS Customisation Utility, a Windows-based configuration tool which allows the user to select which features of M/Chip 4 to implement and generates an output file that can be imported directly into most EMV data preparation systems.

5.1.2 VSDC for MULTOS

Visa Smart Debit Credit for MULTOS has been developed by ismart in response to demand from dual issuers, and has been successfully submitted by Axalto to Visa International for type approval. The existing application supports the VIS 1.4.2 specifications in both SDA and DDA configurations, and the VSDC application code has been codeletised into a number of MULTOS and MULTOS step/one masks.

5.1.3 Amex and JCB for MULTOS

Both the Amex EMV application and the JCB EMV application (J-Smart) have been developed and are available on the MULTOS / MULTOS step/one platforms.

5.2 Multi-Application Management Systems for MULTOS

Nearly all the commercial providers of multi-application card personalisation and card / application management systems support MULTOS in their products. One of the key advantages of MULTOS over its competition is that the MULTOS personalisation mechanism is the same for all MULTOS implementations, so personalisation or card management products do not have to support multiple versions of the same standard. Furthermore, MULTOS allows alternative methods for applications to be personalised. Either the applications can be loaded onto unpersonalised MULTOS cards and then personalised on the card; or the application can be personalised with unique cardholder data beforehand, and the entire personalised application code and data sent to the MULTOS card as an encrypted block for decryption within the secure confines of that specific MULTOS card.

5.2.1 Cost Effective Branch Issuance of MULTOS Cards

The advantage of the MULTOS asymmetric mechanism is that data preparation of MULTOS applications, such as EMV, Loyalty etc., can take place in a central location and then be distributed to multiple remote locations, such as branches, without the need for dedicated lines of communication to the branches and without the need to have Hardware Security Modules connected to the desktop personalisation equipment in each branch. For a full list of card personalisation and card management systems see the MULTOS Product Directory at www.multos.com.

5.3 MULTOS Chip Platform Roadmap

Today multiple type approved MULTOS devices are available on the Infineon, Renesas and Philips families of microprocessors, ranging from 4 kB to 64 kB of E2P, with new devices becoming available from Samsung Semiconductors shortly. Dual-interface contactless parts are available now. See figure:

[Figure: MULTOS chip platform roadmap, by E2P size (64K, 32K, 16K, 8K, 4K) against silicon vendor (Infineon, Philips, Renesas, Samsung), with the MULTOS OS developers Keycorp, DNP/Hitachi and Samsung SDS. Products shown include I4D, I4Dc, IC2 and IC2 step/one, P4C, AE 45X, AE 45C, AE 45CH, AE 43Cb, SM 10, SM 20 and SM step/one; a marker in the figure denotes contactless parts.]

For technical details of the various available MULTOS implementations, see the MULTOS Implementation Report available in the Developer section of the MULTOS website. 5.4 How Does MULTOS Compare With Other Open Standard Multi-Application Smart Card Platforms? It is outside the scope of this white paper to go into the detail of why MULTOS is the only open standard multi-application smart card platform on the market today that fully realises all the benefits brought by open standards, interoperability, and multiapplication security. Suffice to say that unless an open-standard multi-application smart card platform guarantees 100% interoperability from the perspective of loading, executing and securing applications, then it is little better than the native proprietary solutions it was designed to replace. MULTOS guarantees 100% interoperability by defining the multi-application smart card specification from end to end including the operating system itself, the Virtual Machine, the API and the security requirements, compliance to which is also guaranteed through the strict type approval and security evaluation of MULTOS chip products required by MAOSCO Ltd. 
A high-level summary of the key differences between MULTOS and GlobalPlatform (GP) / JavaCard:

| | MULTOS | GP / JavaCard |
|---|---|---|
| Specification | One end-to-end specification | GP specification for load / delete, Sun specification for the JavaCard VM, proprietary OS |
| Type approval | One end-to-end third-party type approval | No single third-party end-to-end test |
| Interoperability | Multiple fully interoperable products | Multiple non-interoperable products |
| Security | Mandated | Optional |
| Personalisation | Off-card personalisation, facilitating multi-application management | On-card personalisation only, requiring a secure session with the card |
| Footprint | Smaller code size = less expensive chips, enabling the MULTOS step/one concept | Bigger code size and greater resource requirements = no MULTOS step/one equivalent |

Figure: the two platform stacks side by side. MULTOS: EMV and PKI applications over the MULTOS Load/Delete Mechanism, MULTOS API, MULTOS AAM and MULTOS OS, on the chip's EEPROM. GP / JavaCard: EMV and PKI applications over the GlobalPlatform Load/Delete Mechanism, JavaCard API, JavaCard VM and the vendor's proprietary OS, on the chip's EEPROM.

6 Reference projects moving from native to MULTOS

Case Study 1: Asia Pacific MasterCard members' EMV migrations

MasterCard banks migrating to EMV across Asia Pacific have embraced MULTOS en masse. Over 40 financial institutions in 5 countries have deployed EMV on MULTOS, with additional applications ranging from contactless payment to loyalty, chip authentication and mass transit. By offering volume commitments to module suppliers, MasterCard Asia/Pacific was able to drive prices for MULTOS cards to levels as competitive as or better than native card prices. The OneSMART card pricing agreements drove multi-application card pricing down to $2.99 in 2001, $1.99 in 2003, and $0.99 for MULTOS step/one cards in 2005.

Figure (map): MULTOS EMV deployments by MasterCard members across Asia Pacific.
- South Korea: 5+ issuers including Kookmin Bank, Chohung Bank, Hyundai Card, BC Card and Samsung Card.
- Japan: MasterCard and JCB issuers; EMV with finger-vein biometrics; Japan Residential Card.
- Malaysia: 15+ issuers including Alliance Bank Malaysia, AmBank Berhad, Bank Islam Malaysia, HSBC Bank Malaysia Berhad, Malayan Bank, MBF Cards (Malaysia) Sdn Bhd, OCBC Bank Malaysia Berhad, Public Bank, RHB Bank Berhad, Southern Bank, Standard Chartered Bank and Bumiputra-Commerce Bank Berhad.
- Philippines: Bank of the Philippine Islands.
- Taiwan: 15+ issuers including Cathay United Bank, Chang Hwa Bank, Chinfon Commercial Bank, Cosmos Bank, E.Sun Bank, Far Eastern International Bank, International Bank of Taipei, Land Bank of Taiwan, Taiwan Co-operative Bank and Union Bank of Taiwan.
- Other markets shown on the map: China, Hong Kong, Thailand, Brunei, Singapore, Indonesia, Australia and New Zealand.

The success of the multi-application programmes of MasterCard issuers is now spreading to other regions, including the Middle East, Europe and Latin America. In every case where issuers have deployed on MULTOS they are able to benefit from the latest innovations in payment products, such as PayPass for contactless payments or Chip Authentication for secure online payments.
The two case studies that follow outline two of the most successful and ground-breaking projects by MasterCard members in Asia and Europe.

Case Study 2: Taiwan Money Card: OneSMART PayPass and Pre-Authorised Debit for Mass Transit on dual-interface MULTOS, the world's first payment smart card to combine both transportation and shopping

In October 2005, Kaohsiung City Government (KCG), the second largest city in Taiwan, launched the Smart Transport Card Project as part of its initiative to transform Kaohsiung into an e-city through the deployment of next-generation technologies. Using multi-application smart cards as part of a wider project to implement a cost-effective, high-performance and open standards-based computing and communications platform, the project aims to accelerate the city's economic development. The KCG Smart Transport Card Project introduces a truly integrated retail and transport payments solution by extending open retail payments based on contactless EMV (PayPass) into the transport system, rather than trying to expand a closed transport card scheme into retail payments. Two types of card are being issued by MasterCard Taiwan members. The Standalone Card, for children, non-local and non-banked customers, carries a single payment brand (associated with transport payments in this market) and uses OneSMART Pre-Authorised and PayPass technology. The second card, Payment Plus, is aimed at existing cardholders and new account customers and is a dual-branded card including MasterCard credit and/or debit. The Pre-Authorised Debit configuration of the PayPass EMV application means that it can also be used like an e-purse. Cardholders can top up their Pre-Authorised balance and then spend it at any merchant or transport acceptance point, whether contact or contactless. The real advantage is that cardholders do not need to manage two balances: they have one balance that they can spend on ordinary goods at any EMV-accepting merchant or on bus journeys. On the MULTOS platform, the open standards environment enables both proprietary and off-the-shelf applications to be added pre- or post-issuance. This encourages more competitive sourcing and global interoperability based on EMV, MULTOS, ISO 14443 (Type A/B) contactless technology and the PayPass global standard for contactless payments.

Case Study 3: Banka Koper: OneSMART Authentication and Web on MULTOS

Headquartered in the south-west of Slovenia, a new member state of the European Union, Banka Koper has been operating for 50 years and is currently the country's seventh largest bank. Since December 2004, Banka Koper has been routinely converting its 800,000 Activa Maestro debit cards and 200,000 credit cards to EMV on MULTOS. Then in May 2005, Banka Koper implemented the MasterCard Chip Authentication Program (CAP) to provide stronger authentication for its online banking, phone banking and electronic commerce customers, and for cardholders performing transactions online, so that a phished username and password is no longer enough to take over an account. Smart card readers were issued to the bank's retail customers for use with their EMV bank cards. Users authenticate via a portable CAP card reader when accessing their bank account or shopping online. After keying their PIN into the reader, a unique one-time password is generated on the card, which the user types into the web page when prompted. Because the password can be used only once, rather than being a fixed password, the value of a captured password is dramatically reduced and limited to a specific web session. As with any one-time code, this defeats replay of captured credentials but not an attacker who relays a freshly generated code to the genuine site in real time; that is the standard caveat for CAP-style schemes.
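The reader-based one-time password exchange in the Banka Koper case study, as an added example in Go that is not part of this paper and is not the EMV CAP specification: the card checks the PIN, increments its transaction counter, computes a cryptogram over the counter and a challenge, and a bitmap turns the result into a short decimal code; the issuer host recomputes the code and refuses replays by tracking the counter. HMAC-SHA256 standing in for the EMV application cryptogram, the 30-bit bitmap, the three-try PIN limit and the 20-value counter window are all assumptions made for illustration.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

const (
	maxPINTries = 3  // after this many wrong PINs the card refuses to compute codes
	atcWindow   = 20 // how far ahead of the last accepted ATC the host will search
)

// bitmap picks which bits of (ATC || cryptogram) become the code: the low 6 bits
// of the 2-byte ATC and the first 24 bits of the 8-byte cryptogram, 30 bits in
// all, printed as 10 decimal digits. An illustrative choice, not a real issuer bitmap.
var bitmap = [10]byte{0x00, 0x3F, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00}

// Card simulates the chip: a per-card secret, the offline PIN with its retry
// counter, and the Application Transaction Counter (ATC) that makes every code unique.
type Card struct {
	key      []byte
	pin      string
	pinTries int
	atc      uint16
}

// Issuer is the verifying host: it shares the card key (derived per card in a
// real system) and remembers the highest ATC it has accepted, so a captured
// code cannot be replayed.
type Issuer struct {
	key     []byte
	lastATC uint16
}

func NewCard(key []byte, pin string) *Card { return &Card{key: key, pin: pin} }
func NewIssuer(key []byte) *Issuer         { return &Issuer{key: key} }

// cryptogram stands in for the EMV application cryptogram the card would return;
// HMAC-SHA256 truncated to 8 bytes is an assumption, not the EMV algorithm.
func cryptogram(key []byte, atc uint16, challenge uint32) []byte {
	var in [6]byte
	binary.BigEndian.PutUint16(in[0:2], atc)
	binary.BigEndian.PutUint32(in[2:6], challenge)
	m := hmac.New(sha256.New, key)
	m.Write(in[:])
	return m.Sum(nil)[:8]
}

// compress applies the bitmap to (ATC || cryptogram) and renders the kept bits
// as a fixed-width decimal string the user can type into the web page.
func compress(atc uint16, crypt []byte) string {
	data := append([]byte{byte(atc >> 8), byte(atc)}, crypt...)
	var acc uint64
	for i, b := range data {
		for bit := 7; bit >= 0; bit-- {
			if bitmap[i]>>uint(bit)&1 == 1 {
				acc = acc<<1 | uint64(b>>uint(bit)&1)
			}
		}
	}
	return fmt.Sprintf("%010d", acc)
}

// GenerateCode is what the reader asks the card to do after the PIN is keyed in.
// The challenge is the value the web page asked the user to enter into the
// reader (assumed here; a reader can also run without one).
func (c *Card) GenerateCode(pin string, challenge uint32) (string, error) {
	if c.pinTries >= maxPINTries {
		return "", errors.New("card blocked: PIN retry counter exhausted")
	}
	if !hmac.Equal([]byte(pin), []byte(c.pin)) {
		c.pinTries++
		return "", errors.New("wrong PIN")
	}
	c.pinTries = 0
	c.atc++ // a fresh counter value for every cryptogram, never reused
	return compress(c.atc, cryptogram(c.key, c.atc, challenge)), nil
}

// Verify recomputes the code for each not-yet-used ATC in the window and, on a
// match, advances lastATC so the same code is refused next time.
func (iss *Issuer) Verify(challenge uint32, code string) bool {
	for i := 1; i <= atcWindow; i++ {
		atc := iss.lastATC + uint16(i)
		want := compress(atc, cryptogram(iss.key, atc, challenge))
		if hmac.Equal([]byte(want), []byte(code)) {
			iss.lastATC = atc
			return true
		}
	}
	return false
}

func main() {
	key := []byte("constructed per-card key") // constructed; a real card key is derived in the HSM
	card, host := NewCard(key, "1234"), NewIssuer(key)
	code, _ := card.GenerateCode("1234", 0x5A5A5A)
	fmt.Println("code:", code, "accepted:", host.Verify(0x5A5A5A, code))
	fmt.Println("same code replayed, accepted:", host.Verify(0x5A5A5A, code))
}
```

Two details carry the security argument: the counter is part of the hashed input and of the code, so the host can reject anything at or below the last accepted ATC, and comparisons use a constant-time equality so that a remote guesser learns nothing from timing. Note that a code computed for one challenge will not verify against another, which is what ties the password to a specific session.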
From this month, Banka Koper is introducing another added-value feature, OneSMART Web functionality. The cardholder can now enter and store information such as name, address, credit card data, favourite websites, and passwords for access to encrypted data. Notes can be added, and forms downloaded from websites can be completed automatically. Cardholders continue to pay for goods and services, use POS terminals, shop via the Internet and withdraw cash at ATMs as normal and at no additional cost. Banka Koper is the first financial institution in the world to deploy OneSMART Authentication and Web, and according to Gojmir Nabergoj, head of Banka Koper's Electronic Money and Automation Division, "MULTOS allows us to meet all our requirements on one platform. Indeed, one of the primary drivers for implementing MULTOS was its interoperability and open standard architecture. Based on the platform, we write our own applications, tailored specifically for customers in the domestic, international and corporate sectors." In 2006, Banka Koper also plans to migrate its portfolio of Visa cards to chip with the newly type-approved VSDC for MULTOS solution.

Case Study 4: Turkish Military ID card project

In August 2005, the Turkish Armed Forces (TAF), the second largest armed force in the NATO Alliance, announced that it was deploying a multi-application smart card based on dual-interface MULTOS technology for issuance to all servicemen and their families. TAF plans to roll out two million smart cards within 12 months. The new military ID cards will incorporate a number of applications:

- E-purse functionality for spending allowances at shops on base. The e-purse application is supplied by Oyak Bank, a leading Turkish financial institution that provides financial and pension management services to the Turkish military. The application is based on the open EMV standard, using MasterCard's M/Chip payment function configured as Pre-Authorised Debit. This allows the card to be used in standard EMV payment terminals, and transactions can be processed over standard EMV networks. The difference from a standard EMV Chip & PIN transaction is that the cardholder must pre-authorise a balance for spending on the card, so that it functions as if it were an e-purse.
- Physical access control for controlled areas on Turkish military bases.
- A PKI application for logical access control and digital signature.
- A healthcare application storing emergency healthcare details of soldiers and family members.

The TSK smart card project uses the strengths of the MULTOS platform, including its very high security and the ability to add applications without replacing the cards. Keycorp will supply the MULTOS technology together with its Public Key Infrastructure (PKI) security application and specially customised ID and health applications. As in the other projects above, TAF has also implemented and operates its own independent MULTOS Key Management Authority so as to maintain total sovereignty over the production of the chips and of the keys that enable chip activation and content loading.
Case Study 5: Banrisul Brazil: EMV and PKI chip migration

As a leading regional financial and banking institution in Brazil, Banrisul treats transaction security and customer satisfaction as high priorities. To fulfil them, Banrisul wanted to increase the channels through which customers could access and manage their finances, whilst maintaining the integrity and security of customer assets.

Solution Objectives

1. Extend access to payment products, whilst increasing payment network (ATM and POS) security. "We wanted to exploit the off-line risk management properties of EMV (Europay, MasterCard, Visa) smart cards and terminals to enable us to offer payment cards to a much wider proportion of our account holders. To do this securely, we needed a smart card platform that could support enhanced features such as Dynamic Data Authentication (DDA), Combined Dynamic Data Authentication (CDA), enciphered off-line PIN authentication, and full-grade authorizations. By developing our own EMV application on MULTOS, we were able to achieve this," said Jorge F. Krug, senior IT security executive of Banrisul.

2. Increase Internet channel security. "We also wanted to offer secure access to accounts over the Internet. By developing our own PKI application on MULTOS, we have been able to introduce a solution that employs enciphered off-line password authentication and on-line transaction signature validation. The signatures are generated and validated according to a PKI framework known as ICP-Brasil (the Brazilian national PKI standard) that grants legal non-repudiation and authentication of every transaction signed with ICP-Brasil certificates. Since the card generates a signature for every transaction and this signature is validated at the authorizers, there is a high level of security associated."

3. Empower customers with a single, secure and flexible card that can be used both on the current payment networks and on Internet channels. "Giving each customer a smart card capable of executing banking and PKI applications, while also capable of receiving new applications in the future without having to issue new cards, is a tremendous convenience for our customers and offers a cost saving for Banrisul. A single MULTOS card combining EMV and PKI is less expensive than issuing separate proprietary-OS EMV and PKI cards."

Superior Turnkey Flexibility: Banrisul was careful to ensure that it was not tied to a single vendor for all of its smart card needs. One of the key needs was a technology that gave the bank flexibility in chip suppliers and personalisation bureaus, and the ability to add its own applications in the future. After exploring JavaCard, FlashCOS, and proprietary EMV and PKI solutions, Banrisul determined that the StepNexus MULTOS platform was the most secure and flexible system available on the market.
Having decided on MULTOS, Banrisul worked with SmartCon, a local smart card consultancy, to develop its own MULTOS EMV and PKI applications, and its own data preparation and smart card management systems, which run on IBM z/OS and use IBM ICSF (Integrated Cryptographic Service Facility) as the HSM (hardware security module). The bank generates personalisation data in house and then uses Gemplus BankNote as an external bureau for personalising its StepNexus MULTOS cards. Having selected Keycorp/Infineon 32 kB MULTOS version 4.2 smart cards, Banrisul is able to source embedding of the MULTOS modules from any smart card manufacturer in Brazil. The new smart cards have been used with several PC/SC desktop smart card readers, ATMs, EFTPOS terminals and PIN pads with great success. "The StepNexus MULTOS platform is now the standard smart card platform for all chip card programs for Banrisul. Its architecture offers all the security we need, together with excellent multi-application support."

Smart and Successful

Banrisul is well on its way to smart card success in Brazil. The roll-out is starting with corporate Internet banking clients and clients that complete higher-value transactions online. Banrisul had issued 35,000 MULTOS cards as of April 2005. More importantly, customers are noticing the change. When asked how StepNexus MULTOS helps Banrisul meet its business objectives, Krug is quite clear: "StepNexus MULTOS solutions reduce fraud and increase the volume of transactions conducted online, eliminating the substantial costs of processing paper. That impacts our bottom line. Whenever you can do that for a bank, you make a positive, measurable impact that gets noticed."

7 Conclusion

The priority of most issuers is to get their EMV migration off the ground quickly, and the temptation is to invest in native smart card products and native card personalisation systems, which will become redundant as soon as new functionality needs to be supported on the cards, or which tie issuers into specific solution providers. MULTOS step/one provides a cost-effective open standard alternative that delivers EMV compliance whilst allowing issuers to capitalise on their investment by rapidly embracing new applications from alternative sources, or dynamic authentication mechanisms, in the future.

8 For more information about StepNexus and MULTOS

Visit: www.multos.com, www.stepnexus.com
Contact: pr@multos.com