Make This Document Your Own

Slides:



Advertisements
Similar presentations
Learning Objectives Understand the shifts that are occurring with regard to online payments. Discuss the players and processes involved in using credit.
Advertisements

What Are the Functions of ATM Machines?
October 28, Who? What? When? Why? Comply with PCI compliance policies set forth by industry Create internal policies and procedures to protect.
HCE AND BLE UNIVERSITY TOMORROWS TRANSACTIONS LONDON, 20 TH MARCH 2014.
CONFIDENTIAL AND PROPRIETARY ©2014 DISCOVER FINANCIAL SERVICES 2014 Discover ® Dealer Incentive Program & EMV Update.
Leanne Phelps Senior Vice President, Card Services
1 U.S. EMV Migration Update and Best Practices Hap Huynh, Senior Director Risk Products April 2015.
Electronic Commerce Payment Systems. Learning Objectives 1. Understand the shifts that are occurring with regard to online payments. 2. Discuss the players.
Northwest Card Association Acquirer Update January 2012.
Contactless Payment. © Family Economics & Financial Education – January 2007 –– Financial Institution Unit – Contactless Payment - 2 Funded by a grant.
© 2012 Presented by: Preparation For EMV Chip Technology Keith Swiat.
Memorial University of Newfoundland An Update on Chip September 26, 2007.
LECTURE 7 REF: CHAPTER 11 ELECTRONIC COMMERCE PAYMENT SYSTEMS PREPARED BY : L. Nouf Almujally Copyright © 2010 Pearson Education, Inc. 1.
Mar 11, 2003Mårten Trolin1 Previous lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
EMV’s Impact on U.S. Retailers – It’s Coming! Presented by: Chris Francis VP, Market Development February 21, 2014.
An Introduction to EMV Presented to:
Why Comply with PCI Security Standards?
Credit card and Debit card Working and Management.
Emerging Technologies
“Electronic Payment System”
EPS (Electronic payment system) is an online business process used for fund transfer using electronic means, i.e  Personal computers  services  Mobile.
Card Brand Mandates. Key EMV dates from Card Brands © 2012 VeriFone Systems, Inc.  2012: TECH Innovation Program (TIP) - PCI validation relief for Level.
By: Piyumi Peiris 11 EDO. Swipe cards are a common type of security device used by many people. They are usually a business-card-sized plastic card with.
DEBIT CARD, CREDIT CARD & SMART CARD
EMV Panel: Part Two (Follow up to Last Year’s Panel) Joseph D. Tinucci, AAP, CTP Kim Smith-Gross, CTP Matt Davies, AAP, CTP, CPP 2015 ROCKY MOUNTAIN SUMMIT.
R U Ready? V M E EUROPAY MASTERCARD VISA EMVco was formed in 1999.
Contactless Payment. © Family Economics & Financial Education – January 2007 –– Financial Institution Unit – Contactless Payment - 2 Funded by a grant.
Confidential – For Discussion & General Information Purposes Only EMV to Card Not Present Fraud Gavin Levin, CTP eReceivables Consultant.
CREDIT CARD FRAUD. TYPES OF CREDIT CARD FRAUD Counterfeit credit card use. Card lost or stolen by the card holder. Fraud committed without the actual.
Agenda EMV – What Is It? EMV In The UK EMV Is Coming To The US
The next generation of payments is here. Is your business ready?
Getnationwide.com Let’s Talk about EMV Danielle Rourke.
1.Understand the shifts that are occurring with regard to online payments. 2.Discuss the players and processes involved in using credit cards online.
What you need to know about PCI-DSS Jane Drews Chief Information Security Officer Information Security & Policy Office
Midsouth User Group Annual Conference
EMV: transforming the payment experience
EMV: What is it and how will it impact your business.
Fall  Comply with PCI compliance policies set forth by industry  Create internal policies and procedures to protect cardholder data  Inform and.
Confidential and Proprietary - NOT TO BE DISTRIBUTED WITHOUT THE EXPRESS WRITTEN PERMISSION OF BANK OF AMERICA MERCHANT SERVICES. ASTRA EMV Review/Best.
EMV Operation and Attacks Tyler Moore CS7403, University of Tulsa Reading: Anderson Security Engineering, Ch (136—138), (328—343) Papers.
WHAT NEW, WHAT NEXT IN PAYMENT PROCESSING. EMV WHAT IS EMV? 3  An acronym created by Europay ®, MasterCard ® and Visa ®  The global standard for the.
Commercial Card Expense Reporting (CCER) The Trustees of Roanoke College An internet solution Accessed via Wells Fargo’s secure Commercial Electronic Office.
Improving Card Production and Distribution Presenter/Moderator: Art Aldridge Panelists: Tom Hedrich — Vice President of Business Development, EFT Source.
Make This Document Your Own
North Carolina Office of the State Controller
EMV.
ELECTRONIC PAYMENT SYSTEM
Making card acceptance work for you
Some things have undergone massive changes over the years…
EMV Acceptance Training
CONFERENCE OF WESTERN ATTORNEYS GENERAL
EMV & Parking – 6 Months On
Electronic/Online Banking & Bill Pay
Electronic Commerce Payment Systems CIS 579 – Technology of E-Business
SECURITY FEATURES OF ATM
Electronic Payment Systems
Electronic Commerce Payment Systems
Making card acceptance work for you
EMV® 3-D Secure - High Level Overview
BY GAWARE S.R. DEPT.OF COMP.SCI
Electronic Commerce Payment Systems
The Payment Processing System
October 27, 2016 EMV 3DS Seizing the opportunity to enhance security and deliver a great consumer experience September 22, 2018.
September 2016 EQUIPMENT FOR PROCESSING.
What is BankMobile? A process to select how to receive student refunds and student payroll payments It is fast, secure, and convenient. Go to:
Chip & Pin and Apple Pay: Vulnerabilities of the Changing Payment Systems Jay Isaacson.
Setting up Clover Go account
Electronic Commerce Payment Systems
Electronic Commerce Payment Systems
New Jersey Gasoline C-Store Automotive Association
Presentation transcript:

Make This Document Your Own Brand the document with your logo Step 1: Replace the placeholder logo on the upper right hand corner of each slide with your own logo Select View > Master > Slide Master Right click on the placeholder logo in the upper right hand corner of the first slide, select “Change Picture”, then navigate to the image you want to include and insert it. Step 2: Replace the placeholder logo on the title slide with your own logo Select View > Master > Slide Master Right click on the placeholder logo on the title slide (4th slide), select “Change Picture”, then navigate to the logo image you want to include and insert it.  

Make This Document Your Own Remove Unwanted Slides & Save Your Document Step 3: Remove any unwanted slides Along the left hand side you will see thumbnails of each slide; the one that is selected is highlighted with orange around it. If you decide to delete any slides, simply click on that slide’s thumbnail and either hit the delete key on your keyboard, or right click and select “Delete Slide” Don’t forget to delete the “Make This Document Your Own” slides! Step 4: Save your document Once you have branded your document, deleted unwanted slides and made any additional changes, you can save the document. In addition to saving a PowerPoint version of this file, we recommend saving the document as a PDF file so your merchants can reference the document without having to view it as a PowerPoint presentation. To save, select File > Save As > name your file > select PDF > Save

EMV Overview Get familiar with EMV

Understanding the basics of EMV technology Get to Know the Chip

Understanding EMV & the technology that powers EMV cards What is EMV? Understanding EMV & the technology that powers EMV cards EMV, which stands for Europay, MasterCard and Visa, is the technology behind that tiny microchip that’s showing up on new credit and debit cards everywhere in the U.S. This tiny little chip has huge benefits when it comes to protecting against fraud for card-present transactions. It offers better data security than magnetic stripe transactions and makes counterfeiting a card next to impossible. Embedded Microchip This microprocessor chip is what turns the card into a smart card and enables it to communicate secure EMV transaction data to an EMV terminal. Embedded Antenna This antenna connects to the embedded microchip and communicates the secure EMV transaction data to a point of sale terminal via NFC technology.

Understanding the 3 ways EMV payments can be accepted Ways to Accept EMV Understanding the 3 ways EMV payments can be accepted Mobile EMV Contact EMV Contactless EMV Mobile EMV payments allow customers to upload their EMV card credentials onto their mobile phone. Then, when it’s time for payment, a customer can tap their phone against the terminal, which then communicates with the phone’s antenna via NFC technology, while still using the EMV security standards. Contact EMV payments require a customer to put their EMV card into the slot of an EMV terminal. While the card remains in the terminal, the embedded chip and the terminal communicate to verify the card is real and to validate the cardholder’s identity. Contactless EMV payments allow customers to tap their card against the EMV terminal, enabling the terminal to communicate with the card’s embedded antenna via NFC technology while still using the EMV security standards.   

Understanding how EMV authenticates the cardholder EMV Chip & PIN Understanding how EMV authenticates the cardholder The EMV card and EMV terminal communicate and work to negotiate the highest level of security available to determine if a PIN or signature will be required for the Contact EMV payment. Chip & PIN Chip & Signature The EMV terminal requires the customer to enter their PIN to verify their identity. The EMV terminal prompts and requires the customer to sign for the transaction. + +

What Happens When an EMV Transaction is Processed? Understanding the steps and key players involved in processing an EMV credit card transaction EMV Cardholder EMV Terminal EMV-Ready Merchant EMV Certified Payment Gateway EMV-Ready Issuing Bank

Key Players in Processing an EMV Transaction EMV Cardholder EMV Terminal EMV-Ready Merchant An EMV cardholder is someone who has obtained an EMV credit or debit card from a card issuing bank and is ready to start using it to make purchases. An EMV terminal is the POS hardware that communicates with the cardholder’s EMV card, specifically the embedded chip or antenna on the card. An EMV-ready merchant has a compatible EMV-enabled terminal in their store and can start accepting EMV payments from their customers (cardholders) for the goods or services they sell. This is Joe This is Suzi EMV-Ready Payment Gateway EMV-Ready Issuing Bank (Cardholder Bank) The EMV-ready payment gateway securely transmits the EMV transaction data and one-time cryptogram to issuing bank. The EMV-ready issuing bank issues EMV credit cards to consumers like Suzi. They are responsible for decrypting the EMV transaction data and one-time cryptogram, authorizing the transaction and sending back their response via a new one-time cryptogram with the transaction authorization. Joe’s EMV Certified Payment Gateway Account Suzi’s EMV-Ready Issuing Bank

✔ ✔ Contact EMV Transaction Flow    1. Suzi the EMV Cardholder Purchases a Red Widget 2. The EMV Terminal Verifies the Card’s Authenticity There are a few different ways this can happen, depending on whether it’s a contact EMV, contactless EMV or mobile EMV transaction. While Suzi is shopping in her town, she spots the perfect red widget while passing by Joe’s Widget Shop and decides to stop in and buy it. Suzi is able to make an EMV payment for the widget, since Joe’s shop is EMV ready. Suzi makes a contact EMV payment and initiates the transaction by placing her card in the terminal’s slot. For Contact EMV (and in Suzi’s Case) For Contactless EMV & Mobile EMV The card is placed into the slot on the terminal and remains there while the terminal verifies the card is real and validates the cardholder identity. The terminal will ask for the cardholder’s PIN or signature depending on the issuer’s verification method. The user taps the card or mobile phone, and using NFC technology it communicates with the terminal. The same EMV security standards used for contact EMV purchases are employed to verify the card is real and to validate the cardholder identity. We Accept ✔ ✔   

✔ ✔ + =  3. EMV Transaction Data is Prepared & One-Time Cryptogram is Created Once Suzi’s card has been verified and her identity has been validated, the terminal and the card work to prepare the EMV transaction data and create a one-time cryptogram that is only valid for this specific transaction. 4. EMV Transaction Data & One-Time Cryptogram are Sent to the Payment Gateway ✔ ✔ + = The gateway receives the EMV transaction data and one-time cryptogram and securely transmits them to Suzi’s issuing bank.  Joe’s EMV Certified Payment Gateway Account Suzi’s EMV-Ready Issuing Bank

5. The Issuing Bank Decrypts the EMV Transaction Data & One-Time Cryptogram After Suzi’s issuing bank receives the transaction data, it works to decrypt the EMV transaction data and one-time cryptogram. Now the bank has all the information it needs and can authorize the transaction. ✔ + = 6. The Issuing Bank Creates a New One-Time Cryptogram to Sends Its Response Transaction authorized Suzi’s EMV-Ready Issuing Bank Suzi’s issuing bank now needs to communicate the transaction authorization back to the EMV terminal and creates a new one-time cryptogram to do this. ✔  Transaction authorized

7. The Issuing Bank Sends the New One-Time Cryptogram to the Payment Gateway Suzi’s issuing bank sends the new one-time cryptogram with the transaction authorization back to the payment gateway.  8. The New One-Time Cryptogram with the Issuer’s Response is Passed Along to the EMV Terminal Suzi’s EMV-Ready Issuing Bank Joe’s EMV Certified Payment Gateway Account Once the payment gateway receives the new one-time cryptogram, it passes it along to the EMV terminal. From there the EMV terminal decrypts and displays the issuer’s response, which in this case is an approval. ✔   Joe’s EMV Certified Payment Gateway Account

What Do Merchants Need To Know About the EMV Liability Shift? Understanding the liability shift and the steps to take to avoid liability October 1st Deadline EMV Liability Shift Rules EMV Adoption Tips to Avoid Liability

October 1st 2015 Deadline Liability Shift Understanding how this deadline affects the liability shift Liability Shift After October 1, 2015, if a fraudulent transaction occurs, the liability belongs to whichever party has not yet adopted EMV chip technology. This means that the issuing bank or merchant could end up being financially responsible for the fraudulent transaction if they aren’t EMV ready. Card Present Transactions Only The transition toward EMV technology and the liability shift only affects merchants who process card present transactions. Online transactions, on the other hand, are not directly affected by EMV technology or the liability shift.

EMV Liability Shift Rules & Scenarios After October 1, 2015, who’s liable?1 Scenario 1 A traditional magnetic stripe card is swiped by the customer at a magnetic stripe terminal. Scenario 2 A chip card is used at a traditional magnetic stripe only terminal. Scenario 3 A chip card is used at a chip-enabled terminal. In this case, neither the issuing bank nor the merchant is EMV-ready. If the purchase is a fraudulent transaction, the merchant is generally not liable, just like today. In this case, the issuing bank is EMV-ready but the merchant is not. If the purchase is a fraudulent transaction, the merchant is generally liable, since the issuer has made the investment to upgrade to chip technology and the merchant has not. In this case, the issuing bank and the merchant are both EMV-ready. If the purchase is a fraudulent transaction, the issuer will continue to bear the responsibility of the fraudulent activity, as they do currently. Joe the Merchant Issuing Bank Joe the Merchant EMV Capable Issuing Bank Joe the Merchant is EMV-Ready EMV-Ready Issuing Bank 1. ”Understanding the 2015 U.S. Fraud Liability Shifts,” emv-connection.com, May 2015, http://www.emv-connection.com/downloads/2015/05/EMF-Liability-Shift-Document-FINAL5-052715.pdf

EMV Liability Shift Rules & Scenarios After October 1, 2015, who’s liable?1 ”The EMV Liability Shift—and What It Means for Your Business," discovernetwork.com, accessed September 28, 2015, https://www.discovernetwork.com/chip-card/images/EMV%20Fraud%20Liability%20Shift%20Overview.pdf

EMV Liability Shift Rules & Scenarios—The Exceptions Are there any types of transactions not included in the October 2015 liability shift? 1 Fuel & ATM Transactions Card-Not-Present Transactions Liability for automated fuel dispensers and ATM transactions doesn’t shift until October 2017. The liability shift doesn’t apply to card-not-present transactions. In these cases, the liability remains subject to existing liability and chargeback rules. 1. ”Understanding the 2015 U.S. Fraud Liability Shifts,” emv-connection.com, May 2015, http://www.emv-connection.com/downloads/2015/05/EMF-Liability-Shift-Document-FINAL5-052715.pdf

What is the expected adoption rate of EMV?1 EMV Adoption What is the expected adoption rate of EMV?1 Merchants By the end of 2015, it’s expected that only about half of all US merchants will have upgraded their terminals and will be EMV-ready, leaving a high likelihood that a high percentage of merchants will be financially liable for fraudulent transactions. Issuing Banks By the end of 2015, it’s expected that the card issuing banks will be taking the lead when it comes to EMV adoption. 1. Shamas, Megan. “With EMV Chip Migration on Track, U.S. Payments Industry Looks Ahead to Mobile, eCommerce and Tokenization at Smart Card Alliance 2015 Payments Summit,” smartcardalliance.org, http://www.smartcardalliance.org/with-emv-chip-migration-on-track-u-s-payments-industry-looks-ahead-to-mobile-ecommmerce-and-tokenization-at-smart-card-alliance-2015-payments-summit/.

Steps Merchants Can Take to Avoid Liability Stay on track to avoid liability Stay One Step Ahead of Card Issuers Upgrade & Process Transactions Using an EMV Compatible Device Card issuers already plan to have chip cards in consumers’ hands by the end of 2015 and once consumers start using those cards, merchants with non-EMV-ready terminals will start taking on the liability. Having an EMV compatible terminal is just the foundation for EMV; merchants will actually need to process transactions using EMV whenever possible to truly avoid liability.