EPC and Cards Stakeholders Group Released Version 7.05 of the SEPA Car...

EPC and Cards Stakeholders Group Released Version 7.05 of the SEPA Cards Standardisation Volume for Public Consultation

Stakeholders active in the SEPA cards domain are invited to provide feedback by 5 June 2015

28 April 15

Share This

The rationale for harmonised cards standardisation requirements in the Single Euro Payments Area

The European Union (EU) authorities driving forward the Single Euro Payments Area () programme identified early the need to create harmonised standardisation requirements for cards integrating the market for electronic euro payments.

Standardisation of the card and terminal domains is critical given that cards within not only represent the most frequently used non-cash retail payment instruments, but also that card transaction volumes continue to grow at a rapid pace. for cards sets the conditions to offer European cardholders general purpose cards to make euro payments and withdraw euro cash throughout , with the same ease and convenience as in their home country. It also enables European merchants to choose which compliant card acceptance brand and product they wish to accept and with which acquirer(s) (i.e. a payment service provider that services card-accepting merchants) they wish to contract, without this choice being artificially constrained by legal, technical, or procedural issues. European consumers benefit from wider acceptance of their cards within and more choice of card products than before. European merchants benefit from a more competitive acquiring market, and are able to choose which card schemes to accept and from which acquirer.

The European Central Bank (ECB) reiterated the importance of creating a for cards in its report, entitled ‘Card payments in Europe – a renewed focus on for cards’, published in April 2014 (see ‘related links’ below). The report explains the basic concepts, provides aggregate statistics at the EU level, and presents the Eurosystem’s1 views and policies on for cards.2 The ECB stressed that “the ultimate aim of for cards is a harmonised, competitive and innovative European card payments area.” In August 2014, also the European Commission emphasised that “ is more than just credit transfers and direct debits. It is also about card payments and might also cover internet and mobile payments.”3

The objectives of a for cards will be achieved through the use of harmonised, interoperable and free standards, which are openly available to all parties within the card payment value chain. The work of the European Payments Council () and the Cards Stakeholders Group supports this vision.

What is the Cards Stakeholders Group?

Created in 2009, the Cards Stakeholders Group (CSG) is a multi-stakeholder body representing retailers, vendors, processors, card schemes and the , representing payment service providers. The CSG focuses on a cards standardisation programme that will create a better, safer, more cost efficient and functionally richer card services environment, whatever the card product or scheme may be.

The dialogue taking place in the CSG ensures the open and constructive co-management of the processes related to the identification of common standards requirements and implementation of best practices compliant with such requirements, which will promote interoperability and foster competition in the for cards. Specifically, the initiative aims at removing technical obstacles which prevent a consistent customer payment card experience across . The CSG encourages process efficiency throughout the card supply chain and, last but not least, adherence to the highest level of card payment security.

What is the Cards Standardisation Volume?

The CSG develops and maintains the Cards Standardisation Volume (the SCS Volume). This document defines a standard set of requirements to enable an interoperable and scalable card and terminal infrastructure across , based on open international card standards. The SCS Volume does not establish specifications or standards as such, but rather sets (functional and security) standardisation requirements, which refer to existing international standards established by, for example, ISO (International Organization for Standardization), EMVCo (initially Europay MasterCard Visa) and PCI SCC (Payment Card Industry Security Standards Council).

There is no legal obligation to implement the standardisation requirements detailed in the SCS Volume. Achieving conformance with the SCS Volume is a voluntary process. The CSG specifically opted for the concept of conformance rather than compliance considering that alignment in with the SCS Volume is a voluntary decision by players active in the cards domain, and is not an obligation. Voluntary conformance of players active in the cards domain with the standardisation requirements detailed in the SCS Volume is comparable to what was done in Europe to achieve migration to EMV. (EMV is an industry standard to implement chip and personal identification number (PIN) security for card transactions to combat fraud.) In 2004, the industry made the voluntary commitment to migrate cards, points of sale (POS, i.e. terminals), and automated teller machines (ATMs) to EMV for security reasons.

The SCS Volume contains standardisation requirements which as much as possible combine the interests of the different card and terminal value chain stakeholders. Implementation of common standards requirements detailed in the SCS Volume will promote interoperability and foster competition in the cards domain. Improved interoperability will facilitate a consistent customer payment card experience across

and CSG released version 7.05 of the SCS Volume for a three-month public consultation

On 10 March 2015, the , together with the CSG, published version 7.05 of the SCS Volume for a three-month public consultation.

The CSG calls on all stakeholders to provide feedback on the new elements introduced into version 7.05 of the SCS Volume by 5 June 2015. The documentation relevant to the 2015 public consultation is available on the Website page, entitled ‘Public Consultation 2015: Cards Standardisation Volume’, and on the CSG Website (see ‘related links’ below).

New functional and security requirements included in the SCS Volume version 7.05

In January 2014, the , together with the CSG, published version 7.0 of the SCS Volume, ready for market implementation. Version 7.0 of the SCS Volume covers a set of requirements applicable to card-present (also referred to as ‘face-to-face’ or ‘local’) transactions. All stakeholders and interested parties active in the cards domain are encouraged to roll out services and products in line with the requirements set out in version 7.0 of the SCS Volume in a three-year period, i.e. by January 2017.

Version 7.05 of the SCS Volume, released on 10 March 2015, includes the requirements published with version 7.0 applicable to card-present transactions, which remain unchanged. In addition, the SCS Volume version 7.05 has been updated to incorporate the following new elements:

  • Functional and security requirements applicable to card-not-present (also referred to as ‘remote’) payments, which are initiated in the context of electronic or mobile commerce or by mail or telephone order.
  • Enhanced requirements related to the pre-authorisation of both face-to-face and remote card payments relevant to, amongst others, service providers operating in the hospitality sector.
  • A cards processing framework which defines business principles and requirements for market access and participation in card payment processing services. The main objective of this framework is to facilitate an open and transparent market.

The updated version 7.05 of the SCS Volume released for public consultation in March 2015 by the together with the CSG addresses evolving market needs in a fast-moving environment. The proposed new standardisation requirements will contribute to creating a harmonised card and terminal infrastructure across which allows both consumers and merchants to fully reap the benefits of exchanging goods and services in the digital age.

Structure of the SCS Volume version 7.05

The SCS Volume version 7.05 consists of seven separate books. It should be noted that Book 5 (conformance verification processes) remains unchanged compared to the previous version 7.0 of the SCS Volume. Book 5 is therefore not subject to the 2015 public consultation.

The following documentation pertains to version 7.05 of the volume:

  • Book 1 – ‘General’ highlights the relevance of harmonised standardisation requirements to achieve a for cards. It offers an introduction to the content and structure of the SCS Volume, addressing the information needs of both experts in the field and other parties interested in the subject. It reflects the document change history and the principles governing the maintenance process. Book 1 also includes the definitions of terms used in the SCS Volume.
  • Book 2  ‘Functional Requirements’ details requirements applicable to card transactions which result in the provision of the different services to the cardholder referred to in this book. Book 2 enables a card system specialist to identify the operational requirements in the domain that need to be addressed to facilitate harmonisation. To improve the interoperability of cards and terminals, the book also refers to and enhances EMV standards and shows how to use these in conformance with the various services requirements described.
  • Book 3  ‘Data Elements’ supports the new card message standards defined in ISO (International Organization for Standardization) (i.e. 20022). It allows card schemes, issuers and acquirers to easily identify enhancements and comparisons with earlier ISO releases. In addition, the data within Book 3 is available within a separate spreadsheet which can assist in the design of related system architecture for implementation. This promotes the harmonisation of existing protocols with both the SCS Volume and the ISO 20022 card message authorisation and clearing standards. Book 3 serves as a major enabling factor to achieve technical interoperability in the area of processing based on the most advanced global message standards available.
  • Book 3  Data Elements Spreadsheet sets out the data elements described in Book 3 of the SCS Volume version 7.05. This separate spreadsheet can assist in the design of related system architecture for implementation and promotes the harmonisation of existing protocols with both the SCS Volume and the ISO 20022 card message clearing standards.
  • Book 4  ‘Security’ defines requirements in order to achieve a “single common set of card security requirements and technical specifications”. The Book 4 single security requirements refer to PCI (Payment Card Industry) international card security standards. This ‘toolbox’ enables system developers and security professionals to easily identify and implement a single harmonised set of security requirements in a consistent way. card single security requirements are key to maintaining trust in card payments and to making security a pro-competitive factor to the benefit of all stakeholders in the card industry.
  • Book 5  ‘Conformance Verification Processes’ defines the methods which allow to verify actual conformance with the SCS Volume requirements of a given card or terminal product or device.
    • Based on those requirements, an implementation specification is developed, which allows a solution provider (e.g. a point of sale vendor) to develop products (e.g. a point of interaction terminal) against it. The conformance of a product towards an implementation specification is controlled by the certification process.
    • The labelling process, which is optional, verifies that an implementation specification and its environment conform to the requirements of the SCS Volume.
    • Type approval is defined as a final validation, performed by an approval body, before the product or solution may be deployed and used.

(As mentioned above, Book 5 remains unchanged in version 7.05 and so is not part of the public consultation.)

  • Book 6  ‘Implementation Guidelines’ defines a convergence path; i.e. a migration towards unique requirements and references to standards.
  • Book 7  ‘Cards Processing Framework’ defines business principles and requirements for market access and participation in card payment processing services. The main objective of this framework is to facilitate an open and transparent market.

These documents can be downloaded individually or together included in a zip file on the and CSG Website pages dedicated to the SCS Volume version 7.05 (see ‘related links’ below).

Next steps

Based on the feedback received during the 2015 public consultation, the SCS Volume version 7.1 will be published in due course to include the finalised requirements related to remote transactions and pre-authorisation, respectively, and the final cards processing framework. These new elements, to be incorporated into the next version of the document, will be subject to a three-year implementation timeline.

The CSG stresses that the SCS Volume will also be aligned with relevant regulatory initiatives such as, for example, the forthcoming revised Payment Services Directive and the new Regulation on interchange fees for card-based payment transactions, once approved by the co-legislators.

Claude Brun is the Chair of the Cards Working Group and Co-Chair of the CSG.


Related links:

EPC Website: Public Consultation 2015: SEPA Cards Standardisation Volume Version 7.05

CSG Website: Public Consultation 2015: SEPA Cards Standardisation Volume Version 7.05 

EPC Website: SEPA Cards Standardisation Volume Version 7.0 Published in 2014 Ready for Market Implementation 

EPC Website: EPC Deliverables in the Area of Cards 

Cards Stakeholders Group Website

European Central Bank (29 April 2014): Card payments in Europe – a renewed focus on SEPA for cards

Council of the European Union4 – Economic and Financial Affairs, ECOFIN. Council Conclusions on , December 2009

The Eurosystem’s view of a SEPA for cards. (November 2006)


Related articles in previous issues:

The Future of Payments: European Commission Invited Exchange of Views at its Conference on Emerging Challenges in Retail Finance and Consumer Policy ( Newsletter, Issue 25, January 2015) 

Guidelines on the Security of Internet Payments Released by the European Banking Authority: a Two-Step Approach ( Newsletter, Issue 25, January 2015)

Virtual Currencies: a House of Cards or a Mass Market Trend? The Answer to that Question Remains Pending - A commentary on the latest developments in the emerging virtual currencies landscape ( Newsletter, Issue 25, January 2015)

EPC Comments on the Draft 'Recommendations for the Security of Mobile Payments' Developed by the European Forum on the Security of Retail Payments ( Newsletter, Issue 22, April 2014) 

EPC Publishes Updated Mobile Wallet Payments White Paper ( Newsletter, Issue 21, January 2014)

Newsletter: Articles Published in the Section 'SEPA for Cards'

 

The Eurosystem comprises the European Central Bank and the national central banks of those countries that have adopted the euro.

European Central Bank press release (29 April 2014): for cards continues efforts to create a truly European payments area. http://www.ecb.europa.eu/press/pr/date/2014/html/pr140429.en.html.

European Commission statement (1 August 2014): Vice-President Michel Barnier welcomes major milestone for the internal payments market with the migration to (Single Euro Payments Area). http://europa.eu/rapid/press-release_STATEMENT-14-246_en.htm.

The Council of the is the institution where the Member States’ government representatives sit, i.e. the ministers of each Member State with responsibility for a given policy area.



Your reactions

If you would like to comment on this article, please identify yourself with your first and last name. Your name will appear next to your comment. Email addresses will not be published. Please note that by accessing or contributing to the discussion you agree to abide by the EPC website conditions of use.