SEPA for Mobile
The European Payments Council (EPC), working together with all stakeholders active in the mobile payments ecosystem, is willing to contribute to the development of a reliable and secure ecosystem for the initiation and receipt of Single Euro Payments Area (SEPA) payments by the mobile phone. The intention is to help establishing an ecosystem, which could enable all payers and payees to make and receive mobile payments (m-payments) across SEPA, and creating a secure environment for the multiple stakeholders active in the field.
EPC white paper on mobile payments
The EPC published the latest version of its white paper on mobile payments in October 2012. Following the public consultation on the white paper in early 2012, the EPC has worked to incorporate input from 17 parties representing various stakeholders in the m-payments ecosystem. These included infrastructure manufacturers, service providers and retail organisations.
This new version of the EPC white paper aims to be an informative read to any party interested in m-payments by using non-technical language. An enhanced overview is provided on the ecosystems for mobile contactless SEPA card payments, mobile remote SEPA card and mobile remote SEPA credit transfer payments.
The white paper provides an analysis of how these ecosystems could evolve and interact to support SEPA card payments and SEPA credit transfers. The document presents a more elaborate overview of the many actors shaping the environment, and describes the convergence of different models and parties involved in the delivery and management of m-payments to ensure the secure implementation of mobile services. The white paper further devotes a new section to the concept of the 'mobile wallet' and the role of this user interface in the context of mobile payments.
Trusted service management specifications for mobile contactless payments
In 2010, the EPC and the GSM Association (GSMA), which represents the worldwide mobile communications industry, published a joint paper titled 'Mobile Contactless Payments Service Management Roles - Requirements and Specifications' (see below). The paper describes the provision and lifecycle management - including distribution, configuration, activation, maintenance and deletion - of banks' mobile contactless payment applications when integrated with a mobile phone. It also outlines the role of the trusted service manager (TSM), which is to support banks and mobile operators aiming to promote mobile contactless payments. It defines a minimum set of requirements for a TSM to interface with banks and mobile operators. TSMs facilitate the distribution, configuration and activation of a bank's payment application on the universal integrated circuit card (UICC, also known as a SIM card), within bank customers' near field communication (NFC) handsets.
EPC 'Mobile Contactless SEPA Card Payments Interoperability Implementation Guidelines'
After an analysis of specifications and guidelines from industry bodies such as EMVCo, GlobalPlatform and Mobey Forum to ensure that existing work in this area was leveraged, a preliminary version of the EPC's 'Mobile Contactless SEPA Card Payments Interoperability Implementation Guidelines' (see below) was made available for public consultation in April 2011. Following the evaluation of the feedback received, the EPC published the final version of this document in November 2011. These guidelines were built on EPC's previous work to focus on the interoperability of processes in the contactless m-payment application lifecycle management, when the m-payment application is stored on one of three secure element (SE) types: UICC, embedded SE or secure micro secure digital (SD) card. The document also deals with aspects of a mobile contactless payment transaction and the technical and security requirements. The guidelines will enable the quick development and implementation of mobile solutions by promoting the use of open standards; describing the roles of stakeholders; positioning EPC responsibilities in relation to other industry bodies; and recommending an adequate level of security for the whole mobile payment value chain in order to establish confidence in this environment.
On 30 March 2012, the European Union (EU) Regulation (EU) No 260/2012 establishing technical and business requirements for credit transfers and direct debits in euro and amending Regulation (EC) No 924/2009 was published in the Official Journal of the EU. Recital 5 of this Regulation states that the European Commission should "review the governance arrangements of the whole SEPA project before the end of 2012 and where necessary make a proposal. This review should examine, inter alia, the composition of the European Payments Council (EPC), the interaction between the EPC and an overarching governance structure, such as the SEPA Council, and the role of this overarching structure."
Pending the outcome of this review process, the EPC decided to suspend any further development related to the Mobile Contactless Payments (MCP) Interoperability Implementation Guidelines (IIGs) awaiting further clarity on the governance of the SEPA Council and on the ensuing mandate of the EPC. The already published MCP IIGs (EPC178-10 v2.0) will therefore remain unchanged and no public consultation on a draft new version of the MCP IIGs will be launched for the time being. Any possible further maintenance will be considered within the future overarching SEPA governance structure.
Selection of articles from the EPC Newsletter and other sources
- EPC Response to European Commission Green Paper 'Towards an Integrated European Market for Card, Internet and Mobile Payments'
- EPC Consultations
- EPC Newsletter: Articles Published in the ‘SEPA for Mobile’ Section