Way forward on publication of revised Scheme Rulebooks
November 2009 releases
Following approval by the Plenary in October 2009, the three Rulebooks are updated to reflect changes regarding the Scheme Management Internal Rules and other legal aspects. These changes have no impact on scheme operations whatsoever. These Rulebook versions will take effect on 2 November 2009. The Rulebook version 3.2 will be replaced by version 3.3. The Core Rulebook version 3.3 will be replaced by version 3.4. The B2B Rulebook version 1.2 will be replaced by version 1.3.
November 2010 releases
In addition, following approval by the Plenary in October 2009, versions of all three Rulebooks including some operational changes will be published on the web site. These Rulebook versions will take effect on 2 November 2010. The Credit Transfer Scheme Rulebook version 4.0, the Core Direct Debit Scheme Rulebook version 4.0 and the Business to Business Direct Debit Scheme Rulebook version 2.0 have all been updated following an annual three month consultation with all stakeholders. New mandatory and optional elements which reflect customer requirements have now been included, giving banks and their service providers sufficient time to address the updates ahead of 1 November 2010 effective date. For further details please refer to the article “New SEPA Scheme Rulebooks out now. Latest editions address further customer and industry needs” in this Newsletter.
Approval of “Recommendation on Customer Reporting of Credit Transfers and Direct Debits”
With the usage of ISO 20022 message standards as mandatory in the interbank space and the earlier provision of the recommended Implementation Guidelines for the customer-to-bank space (C2B), now the recommended bank-to-customer (B2C) account reporting messages complete the end-to-end chain for transactions. For further details, please refer to the article “Going all the Way. EPC guidelines on customer reporting of SEPA Credit Transfers and SEPA Direct Debits” in this Newsletter.
Approval of the PIN Shielding document for publication
The document “Privacy Shielding for PIN Entry” was approved for publication on the web site.
Privacy shielding is one of several means for reducing the risk that cardholder PINs (Personal Identification Numbers) are observed during PIN entry. In addition to the provision of a shield:
• Cardholders need to be educated to use their body and hands as shields when entering their PIN
• Merchants need education on the proper deployment of PIN entry devices, especially with respect to customer queues and in-store security cameras
• Cashiers need education on the proper use of PIN entry devices.
Acquirers and domestic payment organisations in different countries have defined their own requirements on privacy shielding. Consequently, terminal manufacturers need to comply with different requirements and cardholders may be faced with differing configurations within a country and across Europe.
The PIN Shielding document identifies common criteria for privacy shielding for POS (Points of Sale) and ATMs (Automated Teller Machines) in a variety of environments. It is based on existing European hardware requirements aiming to provide refinements and additions as appropriate.
It is recognised that existing requirements and installations are not always compliant and that it may take years to align them, even if taken up throughout Europe. However, this document aims to support the Cards Framework objectives of a consistent customer experience with regard to the use of cards and terminals and to further reduce the risk of fraud resulting from shoulder surfing. It also contributes to the required standardisation activities and may be used by banks and banking organisations in discussions with terminal suppliers.
Approval of joint / GSMA document on TSM requirements for public consultation
The Plenary approved the document “TSM Service Management Requirements and Specifications” in the Single Euro Payments Area for public consultation. The document was developed jointly by the and GSMA, the global trade association representing the mobile network operator (MNO) community. It describes the different roles and processes involved in the provision and lifecycle management of banks’ mobile contactless payment (MCP) applications integrated into a mobile phone. For further details please refer to the article “SEPA for Mobile: the linking Pin. Public consultation on Trusted Service Manager requirements” in this Newsletter.
Gerard Hartsink is the Chair of the .
If you would like to comment on this article, please identify yourself with your first and last name. Your name will appear next to your comment. Email addresses will not be published. Please note that by accessing or contributing to the discussion you agree to abide by the EPC website conditions of use.