The principle governing the Cards Standardisation Programme
In 2004, the European Central Bank expressed the expectation that in cardholders should be able to use any card at any terminal to pay for goods or services or withdraw cash under the same conditions as in their home country. To realise this vision, at least the development of -wide applicable standards both for cards and terminals - that complement the Cards Framework's high level principles and rules - is required.
Achieving greater standardisation in the European card world is a necessity going forward, yet a formidable challenge considering that the cards value chain comprises many stakeholders such as cards manufacturers (hardware and software), merchants, acquirers, processors, issuers (banks and non-banks) and schemes. Indeed, when undertaking such a standardisation task, conflicting dimensions have to be reconciled:
The often-excellent service experienced by both cardholders and merchants may not be disrupted. As far as notably cardholders are concerned, greater standardisation must remain almost transparent to them.
Retailers have significantly invested in and deployed terminal equipment and related software applications. The depreciation deadlines of these equipments up to now reflect individual decisions rather than any grand European vision. In addition, in a number of countries, retailers have just completed a migration to EMV (Europay MasterCard Visa programme to implement CHIP & PIN security for card transactions). Also, retailers are not one. The different requirements of their multiple professions and sectors result in specificities, which must be translated into the products they deploy.
Manufacturers appreciate a measure of standardisation, yet also want to be able to differentiate their ware from each other and take advantage of innovation in order to compete in the marketplace.
Some policy makers and regulators harbour significant expectations from standardisation: economies of scale should be achieved based on the introduction of standard equipment certified and deployable at European level; these economies of scale should in turn decrease costs and make payments with cards an even more attractive proposition. This ambition, however, involves a much wider set of stakeholders than the community. Other regulators advocate open competition among stakeholders, which is a difficult objective whenever cards standardisation is heading for commoditisation of basic services.
Finally, Europe is not an island. Standards for cards are not only decided in Europe, and stakeholders in Europe are concerned about compatibility beyond Europe's borders of the solutions they propose and/or implement. This is particularly sensitive for cards and terminals security, the methodology used to measure it and the governance of the bodies defining and maintaining those requirements.
To further illustrate the challenges of cards standardisation it is worth to highlight the most significant differences with standardisation in support of the Credit Transfer Scheme and the Direct Debit Schemes:
- The card payment issuing to acquiring value chain involves many more stakeholders - in addition to banks and schemes also retailers, manufacturers, processors, certification laboratories and authorities have a major role to play. The objectives and investment cycles of these different stakeholders, however, do not necessarily converge. Yet all stakeholders must be involved in standardisation work to ensure meaning and traction.
- A significant amount of standardisation activity had already been initiated by a variety of expert groups prior to the launch of the initiative and is ongoing, both at international and regional level. Going forward, the appropriate balance must be struck between the requirement of maintaining global interoperability and ensuring proper consideration of European perspectives and timelines. Whilst the quality of the work performed by individual fora must often be applauded, these activities, however, would benefit from more formal both co-ordination and structured involvement of all stakeholders.
- Contrary to the Credit Transfer Scheme Rulebook and the Direct Debit Scheme Rulebook, the Cards Framework (SCF) developed by the is no scheme. The SCF is a policy document which states how actors in the cards market such as card schemes, card-issuing banks, banks servicing card-accepting merchants and other service providers must adapt their current operations to comply with the vision for card payments in euro. It is the choice of any actor in the cards market whether to become SCF-compliant or not. As a consequence, may neither mandate nor enforce use of the "standards" defined in the SCF or through its work on cards standardisation. By comparison, banks that have formally adhered to the Credit Transfer Scheme, for example, are contractually bound to the rules defined in the Credit Transfer Scheme Rulebook.
The approach to cards standardisation
Following the approval of the SCF the recognised that additional work was required so that the commitment to cardholders - namely, that there are no differences whether they use their card(s) in their home country or somewhere else within - can be delivered in the most efficient manner by banks and schemes. The necessity for further standardisation has also been repeatedly highlighted by European regulators.
In consequence, the committed vis-à-vis the European Central Bank and the European Commission to deliver a framework for card standardisation by December 2008 which would take into consideration the extensive standardisation work already accomplished by existing cards initiatives. The scope of this project was thus the definition and description of core requirements to be implemented throughout the card payment and cash withdrawal value chain (including certification) in order to enable SCF compliance.
The decided to draft a reference document including the major standards already defined, the so-called "Volume". Two key principles were respected in the process leading to the approval of the Volume version 3.01 in December 2008: continued dialogue with stakeholders, and potential for wide market acceptance.
As such, the Volume now available for market adoption reflects responses received during two consultations which availed stakeholders with the opportunity to provide detailed input on the work in progress.
The next steps
The Volume serves as the basis for further work to be performed in the future. The evolution of the Volume will be subject to a formal governance and maintenance process. The following milestones are envisaged to be achieved in 2009:
- Detailed rules for the governance and maintenance of the Volume will be formulated: these rules will define the composition and modus operandi of the "Group of Stakeholders" that will advise on the continued evolution of the Volume. This Group will not substitute the Cards Stakeholders Forum which provides the opportunity for open, informal exchange of views and will continue to meet regularly going forward.
- The necessary collaboration between and international standards organisations, EMV Co on one side, PCI SSC on the other, will be finalised with the objective to coordinate and strengthen the positions of European banks in these fora. In parallel, will ensure that an overview of card standardisation related work in ISO (International Standardisation Organisation) is available, and that liaison with European ISO representatives provides for the necessary coherence.
- Work on the certification framework will be taken forward, including the development of related governance principles, with a view to develop a single evaluation methodology in the long term.
- It is envisaged to make possible the usage of ISO 20022-based specifications first for clearing, later for authorisation in the acquirer-to-issuer space.
- In close co-operation with all stakeholders first models for the implementation of the Volume as well as migration scenarios will be developed. This process should result in the publication of a roadmap to inform and guide players through the card payment value chain.
The activities described above will trigger a further iteration of the Volume. This further (and any subsequent) version will be the subject to a formal and public consultation, which could result in a next version to be released in nine to twelve months time. It is not foreseen at this stage that there would be shorter intervals for future iterations.
Francis Geets is the Programme Manager responsible for Cards Standardisation and Fraud Prevention.
If you would like to comment on this article, please identify yourself with your first and last name. Your name will appear next to your comment. Email addresses will not be published. Please note that by accessing or contributing to the discussion you agree to abide by the EPC website conditions of use.