0
Diagnosing the EMV Migration Pain Points:
How to Make the Bitter EMV Migration Pill
Easier to Swallow
Jeremy Gumbley, CTO
...
COMPELLING
EVENTS
LOOMING
U.S. EMV LIABILITY SHIFT
Booth #1615
www.creditcall.com/ChipDNA
jeremy.gumbley@creditcall.com
Linkedin.com/in/jgum...
EVER EVOLVING
PCI DSS
REQUIREMENTS
Booth #1615
www.creditcall.com/ChipDNA
jeremy.gumbley@creditcall.com
Linkedin.com/in/jg...
THE 5 PAIN POINTS
TO EMV MIGRATION
1. PINPAD SUPPORT
FACTORS TO CONSIDER
a) Attended or Unattended?
→ How important is PIN Debit to you?
b) What CVMs do you need to support?
B...
Booth #1615
www.creditcall.com/ChipDNA
jeremy.gumbley@creditcall.com
Linkedin.com/in/jgumbley
1. SELECT PINPAD, CREATE A R...
2. UPDATE EXISTING
PROCESSOR INTERFACES
FOR EMV
Booth #1615
www.creditcall.com/ChipDNA
jeremy.gumbley@creditcall.com
Linkedin.com/in/jgumbley
2. UPDATE PROCESSOR INTERFAC...
Booth #1615
www.creditcall.com/ChipDNA
jeremy.gumbley@creditcall.com
Linkedin.com/in/jgumbley
2. UPDATE PROCESSOR INTERFAC...
3. A CERTIFICATION FOR
EACH PINPAD AND
PROCESSOR
Booth #1615
www.creditcall.com/ChipDNA
jeremy.gumbley@creditcall.com
Linkedin.com/in/jgumbley
3. CERTIFY EACH PINPAD WITH ...
Booth #1615
www.creditcall.com/ChipDNA
jeremy.gumbley@creditcall.com
Linkedin.com/in/jgumbley
3. CERTIFY EACH PINPAD WITH ...
4. WHAT ABOUT
TERMINAL MANAGEMENT?
Booth #1615
www.creditcall.com/ChipDNA
jeremy.gumbley@creditcall.com
Linkedin.com/in/jgumbley
4. WHAT ABOUT TERMINAL MANAG...
5. WHAT ABOUT
PCI P2PE?
Booth #1615
www.creditcall.com/ChipDNA
jeremy.gumbley@creditcall.com
Linkedin.com/in/jgumbley
Booth #1615
www.creditcall.com/ChipDNA
jeremy.gumbley@creditcall.com
Linkedin.com/in/jgumbley
5. WHAT ABOUT PCI P2PE?
…………...
SUMMARY
Booth #1615
www.creditcall.com/ChipDNA
jeremy.gumbley@creditcall.com
Linkedin.com/in/jgumbley
SUMMARY
……………………………………………………...
SOLUTIONS
Booth #1615
www.creditcall.com/ChipDNA
jeremy.gumbley@creditcall.com
Linkedin.com/in/jgumbley
SOLUTIONS
………………………………………………...
jeremy.gumbley@creditcall.com
jeremy.gumbley
If you have any questions:
Come and see us at booth #1615
or visit www.credit...
Upcoming SlideShare
Loading in...5
×

Diagnosing the EMV Migration Pain Points

597

Published on

Creditcall CTO Jeremy Gumbley looks at the problems and solutions how the EMV Migration bottleneck of the vigorous, slow and costly EMV certification processes can be bypassed, the complexity, risk and cost of EMV certification removed, and PCI DSS requirements – including major security concerns – and compliance demands reduced. Diagnosis and discussion is pertinent as all of these topics will play an enormous role in the run up to the October 2015 EMV Migration deadline. For more information, go to www.creditcall.com/ChipDNA

Five EMV Migration Pain Points

1. Choose PINpad, develop and perfect driver
2. Update each processor interface for new EMV messages
3. Certify for each PINpad and each processor (M-TIP/ADVT/AEIPS/D-PAS)
4. Adapt or create a Terminal Managament System (TMS)
5. Maintain PCI P2PE certifications

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
597
On Slideshare
0
From Embeds
0
Number of Embeds
7
Actions
Shares
0
Downloads
30
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Diagnosing the EMV Migration Pain Points "

  1. 1. Diagnosing the EMV Migration Pain Points: How to Make the Bitter EMV Migration Pill Easier to Swallow Jeremy Gumbley, CTO Creditcall North America Cartes America 2014, May 13-15
  2. 2. COMPELLING EVENTS
  3. 3. LOOMING U.S. EMV LIABILITY SHIFT Booth #1615 www.creditcall.com/ChipDNA jeremy.gumbley@creditcall.com Linkedin.com/in/jgumbley COMPELLING EVENTS…………………………………………………………………………………………………………………………………………………….
  4. 4. EVER EVOLVING PCI DSS REQUIREMENTS Booth #1615 www.creditcall.com/ChipDNA jeremy.gumbley@creditcall.com Linkedin.com/in/jgumbley COMPELLING EVENTS…………………………………………………………………………………………………………………………………………………….
  5. 5. THE 5 PAIN POINTS TO EMV MIGRATION
  6. 6. 1. PINPAD SUPPORT
  7. 7. FACTORS TO CONSIDER a) Attended or Unattended? → How important is PIN Debit to you? b) What CVMs do you need to support? Booth #1615 www.creditcall.com/ChipDNA jeremy.gumbley@creditcall.com Linkedin.com/in/jgumbley 1. SELECT PINPAD, CREATE RELIABLE AND ROBUST DRIVER…………………………………………………………………………………………………………………………………………………….
  8. 8. Booth #1615 www.creditcall.com/ChipDNA jeremy.gumbley@creditcall.com Linkedin.com/in/jgumbley 1. SELECT PINPAD, CREATE A RELIABLE AND ROBUST DRIVER……………………………………………………………………………………………………………………………………………………. HOW ABOUT CONTACTLESS?
  9. 9. 2. UPDATE EXISTING PROCESSOR INTERFACES FOR EMV
  10. 10. Booth #1615 www.creditcall.com/ChipDNA jeremy.gumbley@creditcall.com Linkedin.com/in/jgumbley 2. UPDATE PROCESSOR INTERFACES TO SUPPORT EMV MESSAGING ……………………………………………………………………………………………………………………………………………………. GETTING TO GRIPS WITH EMV • The terminology and the payment flows – issuer script processing for instance. • Who owns the code? • Who maintains the code? • Is the original developer still around?
  11. 11. Booth #1615 www.creditcall.com/ChipDNA jeremy.gumbley@creditcall.com Linkedin.com/in/jgumbley 2. UPDATE PROCESSOR INTERFACES TO SUPPORT EMV MESSAGING ……………………………………………………………………………………………………………………………………………………. TIME MANAGEMENT • Have you allocated enough time to the project considering the Processors will probably be inundated with support requests? • Do the same for every Processor interface SUPPORT • Will the Processor have enough resource to support you?
  12. 12. 3. A CERTIFICATION FOR EACH PINPAD AND PROCESSOR
  13. 13. Booth #1615 www.creditcall.com/ChipDNA jeremy.gumbley@creditcall.com Linkedin.com/in/jgumbley 3. CERTIFY EACH PINPAD WITH EACH PROCESSOR ……………………………………………………………………………………………………………………………………………………. LAYERS OF BRAND CERTIFICATION • Each PINpad and processor combination requires various layers of brand certification – M-TIP/ADVT/D-PAS • Rinse and repeat for each Processor you need to support! • A certification requires costly test cards and testing tools
  14. 14. Booth #1615 www.creditcall.com/ChipDNA jeremy.gumbley@creditcall.com Linkedin.com/in/jgumbley 3. CERTIFY EACH PINPAD WITH EACH PROCESSOR ……………………………………………………………………………………………………………………………………………………. BUDGET ENOUGH TIME • In mature markets like the UK it takes 10-16 weeks per certification • Repeat every time the EMV Level 2 certification expires • Will the processor have enough time to support you? • What will the processor charge you to certify? • Don’t forget changes in receipting to show some additional EMV fields such as the AID! • Allow extra time for a first certification for documentation interpretation errors, unforeseen technical issues and test host availability.
  15. 15. 4. WHAT ABOUT TERMINAL MANAGEMENT?
  16. 16. Booth #1615 www.creditcall.com/ChipDNA jeremy.gumbley@creditcall.com Linkedin.com/in/jgumbley 4. WHAT ABOUT TERMINAL MANAGEMENT?……………………………………………………………………………………………………………………………………………………. TERMINAL ESTATE MANAGEMENT • Now that you have successfully updated your application to support EMV, how will you manage all the additional data elements required by EMV? • How will you update the firmware in your PINpad estate?
  17. 17. 5. WHAT ABOUT PCI P2PE? Booth #1615 www.creditcall.com/ChipDNA jeremy.gumbley@creditcall.com Linkedin.com/in/jgumbley
  18. 18. Booth #1615 www.creditcall.com/ChipDNA jeremy.gumbley@creditcall.com Linkedin.com/in/jgumbley 5. WHAT ABOUT PCI P2PE? ……………………………………………………………………………………………………………………………………………………. SECURITY • Are you ready for PCI P2PE? • Domain 5 compliance? (HSMs, changes in process and procedure, cost of certification)
  19. 19. SUMMARY
  20. 20. Booth #1615 www.creditcall.com/ChipDNA jeremy.gumbley@creditcall.com Linkedin.com/in/jgumbley SUMMARY ……………………………………………………………………………………………………………………………………………………. 1 2 3 4 5
  21. 21. SOLUTIONS
  22. 22. Booth #1615 www.creditcall.com/ChipDNA jeremy.gumbley@creditcall.com Linkedin.com/in/jgumbley SOLUTIONS ……………………………………………………………………………………………………………………………………………………. DIY Do it yourself and spend anything from 12 to 24 months building and certifying an in house technology stack. PRE-CERTIFICATION Pre-certified ready build solutions that are plug and play with a variety of PINpads and processors of which there are two types: • Fat technology stack on PINpad • Shared technology stack between POS and PINpad “BUILDING BLOCK” APPROACH PINpad drivers have been developed, off the shelf uncertified updated processor interfaces and other functionality building blocks
  23. 23. jeremy.gumbley@creditcall.com jeremy.gumbley If you have any questions: Come and see us at booth #1615 or visit www.creditcall.com/ChipDNA Jeremy Gumbley CTO
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×