The need for harmonised cards standardisation requirements in the Single Euro Payments Area
The European Union (EU) authorities driving forward the Single Euro Payments Area () identified the need to create harmonised standardisation requirements in the cards domain early in the process of integrating the market for electronic euro payments. This was reinforced by the European Economic and Financial Affairs Council (ECOFIN) representing EU Finance Ministers, in December 2009, when it requested in its conclusions on that the industry should set the conditions for further standardisation in the area of cards (see 'related links' below). This request was repeatedly echoed by the European Central Bank (ECB).
for cards sets the conditions to offer European cardholders general purpose cards to make euro payments and withdraw euro cash throughout , with the same ease and convenience as in their home country. It also enables European merchants to choose which compliant card acceptance brand and product they wish to accept and with which acquirer(s) (i.e. a payment service provider that services card-accepting merchants) they wish to contract, without this choice being artificially constrained by legal, technical, or procedural issues. European consumers benefit from wider acceptance of their cards within and more choice of card products than before. European merchants benefit from a more competitive acquiring market, and are able to choose which card schemes to accept and from which acquirer. The objectives of a for cards will be achieved through the use of harmonised, interoperable and free standards, which are openly available to all parties within the card payment value chain.
The work of the European Payments Council () and the Cards Stakeholders Group (CSG) supports this vision. Created in 2009, the CSG is a multi-stakeholder body representing retailers, vendors, processors, card schemes and the . The dialogue taking place in the CSG therefore, ensures the strong co-management of the processes related to the identification of common standards requirements and implementation of best practices compliant with such requirements, which will promote interoperability and foster competition in the for cards. The CSG focuses on a cards standardisation programme that will create a better, safer, secure, more cost efficient and functionally richer card services environment, whatever the card product or scheme may be. Specifically, the initiative aims at removing technical obstacles which prevent a consistent customer payment card experience across . The CSG encourages process efficiency throughout the card supply chain and, last but not least, adherence to the highest level of card payment security. The CSG develops and maintains the Cards Standardisation Volume - Book of Requirements (Cards Standardisation Volume). This document defines a standard set of requirements to ensure an interoperable and scalable card and terminal infrastructure across , based on open and free standards.
The evolution of the Cards Standardisation Volume: the next version will be based on a revised structure of the documentation
The evolution of the Cards Standardisation Volume reflects the progress of the CSG's work. Version 1.0 of the volume was published in January 2008. The document has since been continuously enhanced and refined in line with evolving industry needs and market developments. Version 5.5 of the Cards Standardisation Volume was submitted for public consultation in 2011. The latest version 6.0 (see 'related links' below), was published in January 2012 including updates based on the wide feedback received during the public consultation. As with all previous versions of the document, version 6.0 is not final and should be viewed as an interim version.
In 2012, the CSG focused on preparing the next and decisive phase in the process; i.e. finalisation of the cards standardisation requirements in readiness for market implementation. This requires, among other things, agreement on the most appropriate structure of the documentation to ensure efficient future maintenance. The CSG decided to split the previously single, stand-alone document detailing the cards standardisation requirements into a series of separate books, which together will form the future Cards Standardisation Volume. The new structure provides for greater flexibility regarding the maintenance of the documentation. It allows issuing updated versions of the Cards Standardisation Volume with amendments only to individual books of which it comprises, based on a periodic review.
It is relevant to outline that the cards standardisation requirements are spelled out at logical level; at technical specifications level these requirements refer to the work of international standards bodies such as the International Organization for Standardization (ISO), EMVCo and the PCI Security Standards Council, including their standards setting processes. The new structure enables the CSG to issue updates of the Cards Standardisation Volume with, for example, revisions only to the book affected by ISO standards developments, to ensure alignment with the ISO release cycle.
It is important to note that the revised structure of the Cards Standardisation Volume is consistent with the content included with the previous interim versions, so that the next release will build on version 6.0 of the Cards Standardisation Volume. It will, in addition, incorporate updates agreed by the CSG in 2012, following a final in-depth review of the many responses received during the 2011 public consultation.
The separate books which together form the next version of the Cards Standardisation Volume, broadly reflect the content of the chapters included with the single, stand-alone document previously published:
- Book 1 - 'General' highlights the relevance of harmonised standardisation requirements to achieve a for cards. It offers an introduction to the content and structure of the Cards Standardisation Volume, addressing the information needs of both experts in the field and other parties interested in the subject. It reflects the document change history and the principles governing the maintenance process. Last, but relevant to outline, Book 1 also includes the definitions of terms used in the Cards Standardisation Volume.
- Book 2 - 'Functional Requirements' details requirements applicable to transactions initiated with a card, which result in the provision of the different services to the cardholder referred to in this book. Book 2 enables a card system specialist to identify the operational requirements in the domain that need to be addressed to facilitate harmonisation. To improve the interoperability of cards and terminals, the book also refers to and enhances EMV1 standards by showing how to use these in compliance with the various services requirements described.
- Book 3 - 'Data Elements' supports the new card message standards defined in ISO (i.e. 200222). It allows card schemes, issuers and acquirers to easily identify enhancements and comparisons with earlier ISO 20022 releases. In addition, Book 3 includes spreadsheets which facilitate the design of related system architecture. This promotes the harmonisation of existing protocols with both the Cards Standardisation Volume and the ISO 20022 card message clearing standards. Completion of Book 3 will serve as a major enabling factor to achieve technical interoperability in the area of processing based on the most advanced global message standards available.
- Book 4 - 'Security' defines requirements in order to achieve a "single common set of card security requirements and technical specifications". The Book 4 single security requirements refer to PCI international card security standards and are a 'toolbox' which enables system developers and security professionals to easily identify and implement such a single harmonised security set of requirements in a consistent way. card single security requirements are key to maintaining trust in card payments and to making security a pro-competitive factor to the benefit of all stakeholders in the card industry.
- Book 5 - 'Compliance Verification Procedures' aims at defining Cards Standardisation Volume Certification and allows to verify actual compliance with the volume of a given card or terminal product or device. Book 5 details requirements for certification processes, as well as verification methodologies to be followed in certification by the certification bodies and laboratories that perform the card certification processes. It also outlines the benefits of card certification as described in this book.
- Book 6 - 'Implementation Guidelines' defines a convergence path; i.e. a migration towards unique standard requirements and references.
To meet industry expectations on the individual books, in 2012 the CSG created dedicated expert teams open to participation by industry specialists covering the five sectors represented in the CSG. Each expert team is tasked to contribute with specialised input to the individual books, which together will form the next release of the Cards Standardisation Volume. The CSG also established a dedicated expert team to address developments related to innovative technologies (i.e. mobile and new devices for card payments) materialising in the area of cards.
Cards Standardisation Volume - next steps: 2013 public consultation and 2014 release of final version in readiness of market implementation
The CSG will release version 6.5 of the Cards Standardisation Volume for public consultation mid 2013. It is planned to publish a mature and stable version of the documentation, updated to incorporate the feedback received with the 2013 consultation, in readiness for market implementation early 2014. The version of the Cards Standardisation Volume to be published early 2014, will be maintained to reflect the further evolution of technical standards and market requirements subject to a predictable release schedule.
The authorities who requested the development of common -wide cards standardisation requirements are expected to integrate this existing card multi-stakeholder body and process into the new governance structure.
Forging card standardisation is a complex process that requires covering technical and procedural details underlying a standard set of requirements to ensure a secure, interoperable and scalable card and terminal infrastructure across . Cards operations are in addition a world wide practice with significant dependencies well beyond the and European market, both in terms of standards contents and their development cycle.
Realism with regards to contents and the time perspective for this exercise requires that the following also has to be kept in mind:
- The starting point was a highly fragmented landscape characterised by a multitude of national and proprietary solutions; i.e. creating harmonised cards standardisation requirements means exploring a new territory beyond such national and proprietary situations.
- Defining cards standardisation requirements is based on consensus building across multiple industries, customer segments and 32 countries.
- The version of the Cards Standardisation Volume, which will be the basis for market implementation, must provide a stable perspective for investments to all impacted stakeholders during a period of at least five years.
As outlined above, the CSG plans to release a stable version of the Cards Standardisation Volume in readiness for market implementation early 2014. This means that the CSG has delivered within the five year time frame normally required to develop such a solution in a Europe-wide multi-stakeholder environment, which is also consistent with the timescales for the evolution of international card standards.
The shared this position also with its response (see 'related links' below) to the Green Paper, entitled 'Towards an Integrated European Market for Card, Internet and Mobile Payments' (the Green Paper), published by the European Commission (the Commission) in January 2012 for consultation.
Based on the feedback received, the Commission is expected to shortly determine the need for action to address 'gaps' it perceives with regard to competition, choice and innovation in the area of card, internet and mobile payments. The and CSG believe that major achievements to date, to progress , include the development of the Cards Standardisation Volume. From a cards perspective, there are no segments in the payment chain where interoperability gaps are particularly prominent. As detailed above, the CSG addresses standardisation and interoperability issues by regularly reviewing the Cards Standardisation Volume, based on a structured consensus of all card industry stakeholders. The use of common standards for card payments is considered to be beneficial as it facilitates the acceptance and usage in all countries and increases choice and competition. Implementation of these requirements will deliver those benefits but demand investments and time by all card industry participants. Last but not least, innovation is a market participant-driven process where standards should be supportive of innovation to allow new initiatives to be interoperable and secure, and to enable them to 'opt in'. Card self-regulation when involving all stakeholders is best suited to be open to and keep pace with the fast evolution of technology, fraud and market developments, because of its inherent close connection with the market.
Based on that market reality, it is wise to support the continuation of the CSG's self-regulatory role and the effective implementation of the harmonised cards standardisation requirements contained in the Cards Standardisation Volume. This is the most appropriate and efficient way to achieve further integration of, and interoperability within, the European cards market. It would be welcomed if the European Commission would take this market reality into consideration when determining the new governance structure3.
Ugo Bechis is the Chair of the Cards Working Group.
Related articles in this issue:
The 2013 Euro Payments Outlook: Communication by the European Commission on its Vision for SEPA 2.0 Remains Pending. Reflections on the merit of European Union regulatory action aimed at promoting integration, competition and innovation
Related articles in previous issues:
'Towards an Integrated European Market for Card, Internet and Mobile Payments': Striking the Balance - Interoperability and the Access Dilemma. European Commission publishes feedback report on its Green Paper ( Newsletter, Issue 15, July 2012)
1 EMV is an industry standard to implement chip and personal identification number (PIN) security for card transactions to combat fraud.
2 ISO 20022 is an approach proposed by ISO to develop message standards for all domains of the financial industry. The growing catalogue of ISO 20022 standards covers a host of messages for the financial supply chain, designed to enable communication between players across all financial markets. For more information, visit www.iso20022.org.
3 Recital 5 of the European Union (EU) 'Regulation (EU) No 260/2012 establishing technical and business requirements for credit transfers and direct debits in euro and amending Regulation (EC) No 924/2009' states that the European Commission should "review the governance arrangements of the whole project before the end of 2012 and where necessary make a proposal." It is expected that the European Commission will table a related communication early 2013.
If you would like to comment on this article, please identify yourself with your first and last name. Your name will appear next to your comment. Email addresses will not be published. Please note that by accessing or contributing to the discussion you agree to abide by the EPC website conditions of use.