Upload
buixuyen
View
232
Download
2
Embed Size (px)
Citation preview
©2012 Discover Financial Services LLC Confidential & Proprietary 1
EMV in the U.S.
Troy Bernard Global Head of Chip Payments Discover Financial Services, LLC May 11, 2012
©2012 Discover Financial Services LLC Confidential & Proprietary 2
EMV Global Penetration
Canada, Latin America, and the Carribean
Asia Pacific
31.2% of cards 76.5% of terminals
73.9% of cards 89.0% of terminals
17.6% of cards 60.7% of terminals
27.0% of cards 43.0% of terminals
12.7% of cards 65.4% of terminals
* Figures reported as of Q1, 2011 and represent the latest statistics from American Express, JCB, MasterCard, and Visa, as reported by their member financial institutions globally. Figures do not include data from the United States
Africa and the Middle East
Europe Zone 1
Europe Zone 2
United States
Over 1 Billion EMV cards in market
For a global network, EMV support is table stakes
1. The Nilson Report, #989, March 2012. 2. The map denotes countries or territories with transactional activity in the last year. 3. Total reflects the number of merchant outlets that accept one or more card brands. 4. Estimated enablement of Rupay, year-end 2012
Third largest global card acceptance network1
Operates in over 185 countries / territories1
Over 840,000 ATMs in more than 100 countries2
95% ATM parity in US Contactless POS parity in
the US
North America
8.8MM
Latin America
2.9MM
EMEA
2.0MM
Asia Pacific
7.1MM
TOTAL
20.8MM
Discover® – Our Global Payments Evolution
1986
2004
New network in an established card market.
Acquisition of PULSE®, the 3rd largest PIN/ATM debit network in U.S. Partnership with China’s largest issuer, CUP.
2010
Partnership with South Korea’s largest issuer.
2008 2010
Partnership with Serbian issuer.
2007 2005
2004 – Landmark DOJ Ruling
Partnership with Japan’s largest issuer.
Link, U.K. ATM partnership
2006
Acquisition of Diners Club with acceptance in over 185 countries / territories.
2009
Interac ABM partnership.
2011
100 countries for global ATM acceptance.
2012
Partnership with India’s national network. Puerto Rico issuance.
©2012 Discover Financial Services LLC Confidential & Proprietary 5
Discover’s EMV Momentum
Global Progress: 3+ years of global deployment All regions of the world 90+ engagements slated in 2012 Over 1 million cards already in market Supported by all networks (Discover,
DCI and PULSE)
Discover® – North America Mandate (D-PAS)
U.S, Canada and Mexico
Acquirers and Direct-Connect Merchants
April, 2013 – Compliance for D-PAS
Card Authentication: Online or Offline
Chip & Pin or Chip & Signature verification
Supporting choice – channel and security
Contactless D-PAS specification preview
©2012 Discover Financial Services LLC Confidential & Proprietary
North America - D-PAS Timeline
Q4, 2012 – Contactless D-PAS Auth & Settlement Data Requirements Released in 12.2 Specs – New contactless “flags” for existing D-PAS data elements will be formally published
Apr, 2013 – Processor Compliance
– U.S. acquirers, acquirer processors, and direct-connect merchants must support network data required to support contact and contactless chip transactions
– Merchants and Issuers are NOT mandated to deploy D-PAS in terminals and cards – Will be part of the bi-annual Business Enhancements Release for acquirer processors to certify
Oct, 2015/2017 – Liability Shift (details not yet announced)
– Discover supports the most secure transactions possible – Details will be forthcoming
Alignment with Industry
– Aligned to industry implementation parameters and timeframes to minimize disruption – Same timelines as Visa and MasterCard. No response from American Express
2012 2013 1/1/2013 2014 2015 2016 2017
4/19/2013 Processor
Compliance
10/1/2015 Liability Shift
(Except Petro)
10/1/2017 Liability Shift for Petro Merchants
Q2 2012 Contactless
Data Elements Published in 12.2
©2012 Discover Financial Services LLC Confidential & Proprietary
Building an EMV program
Card Specifications Payment applications Functional test cases Functional test lab Functional qualification
agreements Security requirements Security test lab Security testing agreements Type approval procedures Type approval agreement Terminal Specifications Terminal testing requirements Registered Application ID Certification Authority
Specification license agreements Personalization profiles Personalization validation test
plans Personalization validation
procedures Card image requirements Root key generation Policies and procedures to
register security officers Policies and procedures to review
security officer requests Policies and procedures to upload
issuer keys for signing Policies and procedures to
review/approve key signing requests
Test requirements Issuer host testing Acquirer host testing Clearing testing
End-to-end testing Production validation testing Test cards for all testing requirements Test tools (card testing, terminal testing,
host testing) Test tool qualification procedures Test tool licenses Issuer Implementation Guide Acquirer Implementation Guide Merchant Implementation Guide Key Management Guide Certification Guide Test Plans Enhanced authorization and clearing
interfaces Enhanced testing and certification
environment Changes to disputes rules and
procedures
Discover spent 3 years building its EMV capabilities before being market-ready
Anatomy of a traditional EMV transaction
Contact Chip
1. Insert contact EMV card in terminal 2. Validate D-PAS AID present in card and terminal 3. Initiate D-PAS card applet and read terminal data
Options: •Offline PIN •Offline Authorization
Using rules set by Issuer (chip) & Acquirer (Terminal), a decision is made to:
Contact Card Slot
Chip Contains: •Account data •D-PAS applet & Application ID# (AID) • Unique encryption key for each card • Offline PIN (optional) • Record of last few transactions • Offline floor limit
Terminal Contains: • Generic EMV kernal (V/MC/Amex/D) • D-PAS AID • D-PAS Public Key • D-PAS Terminal Parameters
Options: • Online PIN • Online Authorization
Issuer Considerations
When do I start my EMV program? – Early adopter / global traveler – Wait and see
Build vs Buy? – Card management – Customer service – Card personalization – EMV data validation and cryptogram generation
Key Implementation Decisions
– SDA, CDA, or DDA cards – Online vs. offline authorization – PIN vs. signature
Online PIN or offline PIN
©2012 Discover Financial Services LLC Confidential & Proprietary 11
Thank You!