Date post: | 22-Dec-2015 |
Category: |
Documents |
Upload: | brianne-perry |
View: | 213 times |
Download: | 0 times |
Geneva, Switzerland, 4 December 2014
Evolving Payments into The Digital World
Richard Smith,Vice President, MasterCard
Customer Fraud Management [email protected]
ITU Workshop on "Digital Financial Services and Financial Inclusion“
(Geneva, Switzerland, 4 December 2014)
Geneva, Switzerland, 4 December 2014 2
What do most criminals want?
Primary Account Data Mag stripe Track 1 + Track 2 data PAN, User Name, Expiry date, CVC1
CVC2
Personal Identification Number (PIN)
Personal data
Geneva, Switzerland, 4 December 2014 3
Where is the data?
Point of Sale (POS) system
Back of House Server (BOH)
In Transit
4
Traditional “Four-Party” Model Depiction
Issuer
Cardholder Merchant
Acquirer
Goods and Services
Statement
Transaction
Transaction
Third Parties Third Parties
April 19, 2023
Page 5
Emerging Trends
Technology – Cloud, Mobile
•New types of entities that we have never worked with before
•They don’t know us and we don’t know them
•They don’t understand the rules of the game, Regulation/AML/OFAC/Customer Risk/Fraud
•Risk appetites are very different
6
Transition to Today’s “n-Party” Model
Merchant Merchant Merchant
Issuer
Cardholder
Acquirer
3rd-Party Processor Member Service Provider
(TPP MSP)
IndependentSales
Organizations(ISO)
IndependentSales
Organizations(ISO)
“Merchant”Types and Devices
Data StorageEntity (DSE)
3rd-Party Processor Member Service Provider
(TPP MSP)
Define the Rules
Develop and evolve the rules
Roles and Responsibilities of the various stakeholders
Balanced consideration of all interests Standards
Licensing Allows the licensee to use the brand
Ensures customer is legal, regulated, compliant during on boarding.
Licensee agrees to comply with the MasterCard standards
The Licensee registers all the relevant parties
MasterCard knows who is involved in the payment Eco systemRegistration
1
2
3
Franchise Development
Integrity of the network– Compliance Program
– Global Quality Analytics
– Dispute Resolution Management
Global interoperability between anonymous parties
Compliance
4
Measures of Safety
Credential Management: How the payment credentials are protected
-Typically measured by:1. Who provisioned the credentials?2. What credentials were provisioned?3. Where were the credentials stored?
Transaction Strength: How we maintain authenticity in the transmission of payment information
-Typically measured by:1. How was the cardholder authenticated / identified?2. Was dynamic data used in the transaction?
1. Strong device authentication for “Face-to-face” and “Remote”
2. Strong and easy-to-use consumer authentication
3. Payment credentials under control of cardholder regardless of use case
4. Hardware and software methodologies supported
5. Dynamic data in all transactions6. Issuer liable (by and large)
converged paradigm to address the digital era
• Higher quality, safer and more secure transactions
• Migration of transactions to the devices that consumers’ prefer
• Seamless integration of payment into high value digital assets
– Merchant shopping apps– Mobile banking applications
• Improved Consumer Experience
New Converged Paradigm Benefits
Tokenization – Provided through the MaDigital Enablement Service (MDES)
Tokenization Digitization
Of a consumer’s payment card credentials
Tokenization is the replacement of a consumer
card’s primary account number (PAN) with an
alternative card number
Digitization is the process to deliver “tokenized” card details to mobile devices or servers for more secure
payments
Apple Pay is a full implementation new converged paradigm
Contactless (EMV)
In-app (EMV Over Internet)
…that’s it!