1 / 18

epc card fraud prevention security activities

Page 2. EPC and a SEPA for cards The timelines. . . . . . . . . 2002. 2003. 2004. 2005. 2006. 2007. 2008. 2009. . 2010. EPC Cards Working Group(Chair: Claude Brun). EPC SEPA Card Framework (SCF). Cards Standardisation TF(Chair: Peter Blasche). Minimumrequirements. Recommendedspecifications. Card Fraud Prevention TF(Chair: C

Lucy
Download Presentation

epc card fraud prevention security activities

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

    1. EPCCard Fraud Prevention & Security Activities Cédric Sarazin – Chairman Card Fraud Prevention TF 19. December 2007, FPEG Meeting - Brussels

    2. Page 2

    3. Page 3 SEPA Cards Framework(SCF) The SCF was approved by the EPC Plenary on 8 March 2006 The SCF spells out high level principles and rules which when implemented by banks, schemes, and other stakeholders, will enable European customers to use general purpose cards to make payments and cash withdrawals in euro throughout the SEPA area with the same ease and convenience than they do in their home country. There should be no differences whether they use their card(s) in their home country or somewhere else within SEPA. The SCF creates the potential for any SCF terminal to accept any SCF card with a SEPA based acquirer of the merchant’s choice. SCF only covers euro card payments and cash withdrawals Provides a single framework for banks, for schemes and for processors/infrastructures to become SEPA compliant (self-assessment procedure with EPC monitoring)

    4. Page 4 Highlights from the SCF Acquirers will offer merchants the option to acquire SCF compliant card transactions from one or more SCF compliant schemes from 1 January 2008 onwards. As fraud prevention is one of the priorities, the SCF indicates that the EMV chip will be the supporting technology for cards as well as the support of PIN on the acquiring side. The SCF sets out the high level principles to foster the competition between providers of technical infrastructure and payment services and to remove legal and technical barriers. SCF compliant card schemes will separate governance from processing functions. The SCF contains both a number of short term objectives and a longer term vision on the standardisation of the elements of the payment chain. The European Central Bank recently commented the proposed migration towards a SEPA for card and recently acknowledged the importance of the SCF.

    5. Page 5 Impacts of EPC activities on the different elements of card payment schemes

    6. Page 6 Card Fraud Prevention TF Mission, Work & Resolutions 1 Two-days Forum "Fighting Card Fraud across Europe" (Paris 8-9 October 2003) 1 Resolution on "Preventing and Fighting Card Fraud across Europe" (Approved by the Plenary in December 2003) 1 Resolution "Preventing Card Fraud in the New SEPA Environment" (Approved by the Plenary in March 2007)

    7. Page 7 Card Fraud Trendsin SEPA In most of SEPA countries: Counterfeit fraud Magstripe skimming compromission cases (& subsequent fraud outside of chip countries) Card Not Present fraud (e-commerce notably) Fraudsters targetting weak point / sector / environment See (next slides) examples in a few countries

    8. Page 8 Evolution of Fraud on CB Cards

    9. Page 9 Initial impact of chip and PIN on fraud on UK cards

    10. Page 10 Fraud to sales turnover at UK retail Fraud to sales levels at UK high street retailers their lowest for six years. For all card products combined the rate is below 10 basis points

    11. Page 11 Card Fraud Prevention TFCurrent Priorities Preventing the use of counterfeit cards at SEPA terminals Completing EMV migration – Monitoring EMV migration => Currently 56% of cards, 59% of POS, 72% of ATMs in EU Eliminating magstripe fallback at EMV terminals Combating Card Not Present (CNP) fraud E-commerce environment: CVX2 full implementation MO/TO environment: CVX2 E-commerce environment: 3D-Secure implementation Collecting aggregated statistics on card fraud in SEPA … and also: Work on card anti-skimming measures Fraud in specific environments (such as airlines) Work on cardholder authentication methods in e-commerce

    12. Page 12 Examples of Anti-Fishing/Anti-Skimming (AFAS) Devices

    13. Page 13 Securing e-commerce CVX2 Mandatory in all e-commerce transactions (EPC Resolution: by 1st January 2008) 3D Secure : liability shift on card issuers if the merchant is 3D-Secure equipped (EPC Resolution: by 1st January 2009) Strong authentification of cardholders to be promoted,notably using EMV chip.

    14. Page 14 Strong Authentification using Chip:Some pilotes or tests

    15. Page 15 SEPA Card Standardisation Activities,including Security Requirements

    16. Page 16 EPC Standards for Card Terminals

    17. Page 17 EPC Card Standards Implementation Plan

    18. Page 18

More Related