Home >Documents >Mobile Initiated SEPA (Instant) Credit Transfer Interoperability 2020-03-02¢  Mobile...

Mobile Initiated SEPA (Instant) Credit Transfer Interoperability 2020-03-02¢  Mobile...

Date post:14-Apr-2020
Category:
View:7 times
Download:0 times
Share this document with a friend
Transcript:
  • Final Draft Mobile Initiated SEPA Credit Transfer Interoperability Guidance

    1 / 168

    European Payments Council AISBL Cours Saint-Michel, 30 - B - 1040 Brussels T +32 2 733 35 33 Entreprise N°0873.268.927 secretariat@epc-cep.eu

    EPC269-19 2019 Version 0.14 Date issued: 27 November 2019

    Mobile Initiated SEPA (Instant) Credit Transfer Interoperability Guidance

    © 2019 Copyright European Payments Council (EPC) AISBL: Subject to EPC’s prior written approval, reproduction for non-commercial purposes is authorised, with acknowledgement of the

    source.

  • 2 / 168

    Mobile Initiated SEPA (Instant) Credit Transfer Interoperability Guidance EPC269-19 Version 1.0

    Table of Contents

    Executive Summary .......................................................................................................... 6

    Document Information .................................................................................................. 9

    Structure of the document .................................................................................................. 9 References ......................................................................................................................... 10 Definitions .......................................................................................................................... 14 Abbreviations ..................................................................................................................... 23 Maintenance Process ......................................................................................................... 25

    General ....................................................................................................................... 26

    Introduction ....................................................................................................................... 26 Vision .................................................................................................................................. 26 Scope .................................................................................................................................. 27 Objectives ........................................................................................................................... 28 Audience ............................................................................................................................ 28

    High-level principles .................................................................................................... 30

    SCT Instant and SCT scheme overview .......................................................................... 32

    Introduction ....................................................................................................................... 32 SCT Instant scheme ............................................................................................................ 32 SCT Scheme ........................................................................................................................ 36

    Mobile initiated SEPA (Instant) Credit Transfers ........................................................... 38

    Introduction ....................................................................................................................... 38 MSCT Transaction .............................................................................................................. 38 MSCT Provisioning and life cycle management ................................................................. 38 Relevant stakeholders in the MSCT ecosystems ............................................................... 39

    MSCT service management .......................................................................................... 42

    Introduction ....................................................................................................................... 42 MSCT application life-cycle ................................................................................................ 42

    MSCT use cases ............................................................................................................ 45

    Introduction ....................................................................................................................... 45 Person-to-person (P2P) payments ..................................................................................... 48 Consumer-to-Business (C2B) payments ............................................................................ 66 Business-to-Business (B2B) payments ............................................................................... 93 Applicability of MSCTs ........................................................................................................ 98

    MSCT transaction aspects ............................................................................................ 99

    Introduction ....................................................................................................................... 99 Payer authentication ........................................................................................................ 101 Strong Customer Authentication (SCA) ........................................................................... 103 Transaction authentication and dynamic linking............................................................. 104

  • 3 / 168

    Mobile Initiated SEPA (Instant) Credit Transfer Interoperability Guidance EPC269-19 Version 1.0

    Transaction risk analysis .................................................................................................. 105 MSCT risk management ................................................................................................... 105

    CDUVM Try Limit and Counter ............................................................................... 106 Transaction Amount Limit ...................................................................................... 107 No-SCA Limit ........................................................................................................... 107 Consecutive No-SCA Limit and Counter ................................................................. 107 Cumulative No-SCA Limit and Accumulator ........................................................... 108

    Acknowledgements / Notifications ................................................................................. 108 Transaction logging in the MSCT application .................................................................. 109

    Generic security guidelines for the customer-to-PSP space ......................................... 111

    Introduction ..................................................................................................................... 111 Threats ............................................................................................................................. 111 Generic security guidelines .............................................................................................. 113 4 Overview ....................................................................................................................... 115

    Security considerations for the payer-to-beneficiary space ....................................... 118

    Proximity technologies .................................................................................................. 118 Web-based payments .................................................................................................... 121 Merchant applications ................................................................................................... 122 Additional security measures ........................................................................................ 122

    Security guidelines for mobile devices ...................................................................... 124

    Security guidelines for MSCT applications ................................................................ 127

    Software-based mobile applications ............................................................................. 127 SE-based mobile applications ........................................................................................ 131

    Security guidelines for CDUVMs ............................................................................... 132

    Guidelines for customer on-boarding by MSCT service providers .............................. 134

    MSCT supporting services ........................................................................................ 136

    Introduction ................................................................................................................... 136 PIS service models .......................................................................................................... 136 SEPA Proxy Lookup Service ............................................................................................ 137 Request-to-Pay service .................................................................................................. 140

    MSCT standards, specifications and white papers ..................................................... 142

    MSCT interoperability aspects .................................................................................. 145

    Introduction ..............................................................................

of 168

Click here to load reader

Embed Size (px)
Recommended