ACI TOKEN MANAGER FOR MOBILE: TOKEN SERVICE PROVISION, HCE AND EMBEDDED SECURE ELEMENT IN THE CLOUD



Similar documents
product flyer Single, full-featured solution flexible, personalized experience Highly extensible and secure

ACI Card and Merchant ManagementTM solutions overview

ACI SELF-SERVICE BANKING

GLOBAL MOBILE PAYMENT TRANSACTION VALUE IS PREDICTED TO REACH USD 721 BILLION BY MasterCard M/Chip Mobile Solution

Making Cloud-Based Mobile Payments a Reality with Digital Issuance, Tokenization, and HCE WHITE PAPER

EMV-TT. Now available on Android. White Paper by

Apple Pay. Frequently Asked Questions UK

BGS MOBILE PLATFORM HCE AND CLOUD BASED PAYMENTS

Android pay. Frequently asked questions

The future of contactless mobile payment: with or without Secure Element?

Tokenization: FAQs & General Information. BACKGROUND. GENERAL INFORMATION What is Tokenization?

ACI ENHANCED SUPPORT PROGRAM

Apple Pay. Frequently Asked Questions UK Launch

Mobile Payment: The next step of secure payment VDI / VDE-Colloquium. Hans-Jörg Frey Senior Product Manager May 16th, 2013

HCE, Apple Pay The shock of simplifying the NFC? paper

ACI ON DEMAND DELIVERS PEACE OF MIND

ACI VIRTUAL COLLECTION AGENT

Transaction Security. Advisory Services

MOBILE PAYMENT IN THE EU: ROLE OF NFC. Gerd Thys Product Manager Clear2Pay Open Test Solutions (OTS)

Digital Payment Solutions TSYS Enterprise Tokenization:

Bringing Mobile Payments to Market for an International Retailer

Transaction Security. Test & Certification and Security Evaluation

MOBILE NEAR-FIELD COMMUNICATIONS (NFC) PAYMENTS

Preparing for EMV chip card acceptance

Significance of Tokenization in Promoting Cloud Based Secure Elements

Emerging Trends in the Payment Ecosystem: The Good, the Bad and the Ugly DAN KRAMER

PROGNOSIS TRANSACTION INSIGHT FOR BASE24 AND BASE24-eps

Mobile Near-Field Communications (NFC) Payments

The Role of the Trusted Service Manager in Mobile Commerce

Creating a trust infrastructure to support mobile payments

INTRODUCTION AND HISTORY

Mobile MasterCard PayPass Testing and Approval Guide. December Version 2.0

EESTEL. Association of European Experts in E-Transactions Systems. Apple iphone 6, Apple Pay, What else? EESTEL White Paper.

Is Payment Tokenization Ready for Primetime?

A Guide to EMV. Version 1.0 May Copyright 2011 EMVCo, LLC. All rights reserved.

ACI BILL PAYMENT SOLUTIONS

Transaction Security. Training Academy

THE CASE FOR IN-SOURCING EMV

THOUGHT LEADERSHIP THE GOLDEN AGE OF CARD PAYMENTS

Payments Transformation - EMV comes to the US

OT PRODUCTS AND SOLUTIONS MACHINE TO MACHINE

Mobile Payment Security discussion paper

Research Priorities Jean-Pierre Tual, Industrial Relations Director, Strategy and Innovation

RETHINKING CARDS BUSINESS. Erick Ho, Head of Payment Services, SunGard 17 September Break through.

Asian Payment Card Forum

We believe First Data is well positioned to take advantage of all of these trends given the breadth of our solutions and our global operating

Mobile MasterCard PayPass UI Application Requirements. February Version 1.4

How Secure are Contactless Payment Systems?

Banking. Extending Value to Customers. KONA Banking product matrix. is leading the next generation of payment solutions.

ACI Response to FFIEC Guidance

Wayne EMV Solutions. Protect your business with a complete EMV Solution inside and out.

HCE and SIM Secure Element:

IDENTITY SOLUTIONS END-TO-END SYSTEMS SOLUTIONS TO PROTECT IDENTITIES AND SECURE ACCESS FOR A MOBILITY WORLD

Payment Security Solutions. Payment Tokenisation. Secure payment data storage and processing, while maintaining reliable, seamless transactions

Key Topics in Mobile Payments. Marianne Crowe Federal Reserve Bank of Boston m-enabling Summit June 10, 2014

Payments Security White Paper

NFC Application Mobile Payments

OT PRODUCTS & SOLUTIONS TRANSPORT

Transaction Security. Test Tools & Simulators

Euronet s EMV Chip Solutions Superior Protection with Enhanced Security against Fraud

The New Mobile Payment Landscape. July 2015

Bringing Security & Interoperability to Mobile Transactions. Critical Considerations

Asian Payment Card Forum Growing the Business: Launching Successful Consumer Payments Products

Building Trust in a Digital World. Brian Phelps, BSc CISSP Director of Advanced Solutions Group EMEA Thales UK, Ltd.

CyberSource Payment Security. with PCI DSS Tokenization Guidelines

Ambit Card Management Card Management Solution Suite

Euronet Software Solutions Integrated Credit Card System Improve your organization s marketability, profitability and revenue

Data Protection and Mobile Payments. Jose Diaz - Business Development & Technical Alliances Ted Heiman Key Account Manager Thales e-security

Applying the NFC Secure Element in Mobile Identity Apps. RANDY VANDERHOOF Executive Director Smart Card Alliance

UPCOMING SCHEME CHANGES

Accenture Payment Services

A RE T HE U.S. CHIP RULES ENOUGH?

We make cards and payments work for people as a part of everyday life. We bring information to life

EMV : Frequently Asked Questions for Merchants

CyberSource and NetSuite Getting Started Guide

Commercial Banks. Payment transactions secured by G&D.

The Relationship Between PCI, Encryption and Tokenization: What you need to know

What Issuers Need to Know Top 25 Questions on EMV Chip Cards and Personalization

MasterCard Contactless Reader v3.0. INTRODUCTION TO MASTERCARD CONTACTLESS READER v3.0

Payeezy.com Security in Apple Pay In-App Development

Smart Tiger STARCHIP SMART TIGER PAYMENT PRODUCT LINE. Payment. STiger SDA. STiger DDA. STiger DUAL

Inside the Mobile Wallet: What It Means for Merchants and Card Issuers

Grow with our omni-channel payment processing technologies and merchant services.

Mobile Financial Services

EPC Version 2.0

Secure Payments Framework Workgroup

FAQ EMV. EMV Overview

About Visa paywave for mobile

Visa Recommended Practices for EMV Chip Implementation in the U.S.

Transcription:

DELIVERS PEACE OF MIND PRODUCT FLYER ACI TOKEN MANAGER FOR MOBILE: TOKEN SERVICE PROVISION, HCE AND EMBEDDED SECURE ELEMENT IN THE CLOUD ENABLE FULL SUPPORT OF THE MOBILE PAYMENTS PROCESS FOR EMBEDDED SECURE ELEMENT, HOST CLOUD EMULATION OR BOTH INCREASE SECURITY OF MOBILE PAYMENTS THROUGH TOKENIZATION MANAGE THE ENTIRE LIFECYCLE OF PAYMENT CREDENTIALS Mobile cloud payments using host card emulation (HCE) technology have become an attractive alternative to the traditional secure element (SE) nearfield-communication (NFC) model for delivering mobile services. While the hardware-based (SE) model is currently recognized as more secure, it is also more complex and expensive. For this reason, additional security measures have been introduced to the cloud model to reduce risk. Tokenization technology has been brought forward to keep card data safe during transactions.

AS CLOUD-BASED MOBILE PAYMENTS ARE ONLY BASED ON SOFTWARE SECURITY, TOKENIZATION HAS BEEN BROUGHT FORWARD TO REDUCE RISK. Tokenization reduces the value of payment credentials by replacing the need for merchants or digital wallet operators to store primary account numbers (PANs). Instead, a unique identifier called a payment token is provided, reducing the value of the credentials to hackers. These payment tokens can only be used in a specific domain (such as a merchant s website) or a channel (a mobile device to make an NFC payment, for example). Token 9201 3812 2189 0416 Secure token vault with a link between the PAN and the token value WHAT IS A TOKEN SERVICE PROVIDER? A token service provider is an entity within the payments ecosystem that is able to provide registered token requestors such as merchants holding card credentials with surrogate PAN values, known as payment tokens. A token service provider stores PAN values in a token vault, replaces these with tokens and issues these for token requestors. The token service provider can be independent from the payments network or payments processor, or alternatively can be integrated with one or both of these entities. Token service providers are responsible for a number of functions. They oversee the ongoing operation and maintenance of the token vault, deployment of security measures and controls, and the registration process of allowed token requestors. In this new age of mobile payments, a token service provider solution must enable the implementer to issue and manage the entire lifecycle of payment credentials, implement tokenization to reduce payment card fraud and manage transactions to integrate with the existing authorization host by validating cryptograms as well as performing functions like processing checks. 2

Issuer Token Real card Acquirer Payments network Token service provider The token service provider within an HCE mobile payments infrastructure The issuance and remote of the payment credentials provided by token service providers must comply with specifications defined by the global payment schemes; this can take place in the cloud using HCE or on a smartphone inside a secure element. WHY BECOME A TOKEN SERVICE PROVIDER? There are a number of reasons why entities like issuing banks would consider becoming a token service provider and issue their own tokens. The most important are outlined below. REDUCED PAYMENT NETWORK SERVICE FEES Issuing and managing tokens internally means the provider will not have to request tokens from a third party, saving service fees. INCREASED SECURITY Since providers won t have to integrate with any third parties to perform this service, security is increased. They keep full control of the original PAN number, do not have to share it and don t need to integrate with external systems. FLEXIBILITY TO EXPAND TO OTHER USES Being a token service provider ensures that organizations can further strengthen security by deploying tokens within other use cases. This includes embedded secure elements in mobile devices, the cloud, ecommerce or card on-file scenarios. ACI SOLUTION OVERVIEW ACI Worldwide, in partnership with Bell ID, offers one software platform that enables organizations to perform the responsibilities of a token service provider, as outlined by EMVCo. The role includes the generation and issuance of payment tokens, as well as the operation and maintenance of a token vault. ACI Token Service Provider is a modular platform that can also enable organizations to perform a wide range of other roles in the payments process, such as loading and managing credentials on mobile devices, as well as into the cloud. It also enables the use of tokenization in other scenarios such as ecommerce transactions. The next page shows some of the key capabilities provided by ACI s platform, with individual modular functionality outlined in more detail. REDUCED TIME TO MARKET Controlling their own token vault means that providers can determine when and where to launch their tokenized services. ACI Token Service Provider is a comprehensive software platform that offers many different solutions within the tokenized payments infrastructure. 3

= T Transaction Tokenization Payments network Issuer Token vault Cloud-based mobile payments Physical secure element Modular ACI components TRANSACTION MANAGEMENT Transaction enables issuers to perform transactions without making major changes to the authorization host. It calculates cryptogram version numbers (CVNs) on behalf of the authorization host. ACI s transaction component calculates cryptogram version numbers on behalf of the authorization host. Cryptogram validation: Validates the cryptogram as part of the authorization request Assurance level validation: Provides assurance levels, e.g., account verification, risk score and card issuer authentication PAN processing: Provides the issuer with the PAN in case tokens are used Messaging: Supports different types of messaging interfaces (ISO 8583, SOAP and JMS) TOKENIZATION MANAGEMENT This process helps organizations reduce fraud by removing confidential consumer card data from the payments network, replacing it with unique tokens which are limited in how they can be used. Tokenization: Replaces the PAN with a surrogate value, includes both card-present and card-notpresent tokens for e.g., card on-file scenarios Token vault: Establishes/maintains payment token-to-pan mapping De-tokenization: Converts the token back to the PAN via the token vault Domain : Adds additional security by restricting tokens to use within specific (retail) channels or domains Clearing and settlement support: Provides ad-hoc de-tokenization for the clearing and settlement processes Identification and verification support: Ensures that the payment token is replacing a PAN that was legitimately used by the token requestor Tokenization Token vault Identification and verification Token requester De-tokenization Domain Clearing/ settlement support Authorization host Functionality of ACI s tokenization module 4

The tokenization component by ACI offers the functionality to issue and manage an organization s own tokens. PHYSICAL SECURE ELEMENT MANAGEMENT Banks and service providers can issue contactless payment cards and provision static card data and dynamic key material to a physical SE on a mobile device. The platform is compliant with all trusted service manager standards. Managing physical secure elements is needed on mobile operating systems where cloud-based mobile payments are not (yet) supported. Service delivery: Provide over-the-air (OTA) personalization of secure elements, such as UICC/SIM, smart microsd or embedded; protocols supported are SMS-PP, CATP-TP and RAM over HTTP Messaging: Provides integration with other TSM actors using messaging-based communication protocols such as GlobalPlatform Messaging and AFSCM Service : Provides full of the services deployed on the physical SE CLOUD-BASED MOBILE PAYMENTS MANAGEMENT By issuing and managing cloud-based payment cards, organizations can allow end users to perform NFC transactions based on HCE. This module aligns with the cloud-based specifications by American Express, MasterCard and Visa. It also includes a plug-in to the mobile wallet. HCE payments: Implements the cloud-based payment specifications from all major payment schemes Credential : Manages the system credentials by replenishing static and dynamic card data (payloads) Consumer enrollment: Enrolls cards on the mobile device using a secure channel Lifecycle : Manages the lifecycle of cards and cryptographic keys Notification services: Enables push notifications to the mobile devices to trigger the connection Wallet integration: Provides integration services for wallet providers 2 4 SE 3 App 1 NFC Application issuer ACI solution components 1. Real-time and/or batch file import of card and personalization data 2. EMV command and cryptogram generation (key /HSM) 3. Secure connection 4. An ACI client API SDK allows for a smooth integration to existing (mobile wallet) applications 5

Secure Element in the Cloud is a proven solution, already implemented by issuers worldwide to load and manage credentials on mobile devices. REVOLUTIONIZES PAYMENTS ACI Worldwide, the Universal Payments company, powers electronic payments and banking for more than 5,600 financial institutions, retailers, billers and processors around the world. ACI software processes $13 trillion each day in payments and securities transactions for more than 300 of the leading global retailers, and 18 of the world s 20 largest banks. Universal Payments is ACI s strategy to deliver the industry s broadest, most unified end-to-end enterprise payment solutions. Through our comprehensive suite of software products and hosted services, we deliver solutions for payments processing; card and merchant ; online banking; mobile, branch and voice banking; fraud detection; trade finance; and electronic bill presentment and payment. To learn more about ACI, please visit www.aciworldwide. com. You can also find us on Twitter @ACI_ Worldwide. 6 www.aciworldwide.com Americas +1 402 390 7600 Asia Pacific +65 6334 4843 Europe, Middle East, Africa +44 (0) 1923 816393 Copyright ACI Worldwide, Inc. 2015 ACI, ACI Payment Systems, the ACI logo, ACI Universal Payments, UP, the UP logo, ReD and all ACI product names are trademarks or registered trademarks of ACI Worldwide, Inc., or one of its subsidiaries, in the United States, other countries or both. Other parties trademarks referenced are the property of their respective owners. AFL5751 05-15

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information