The launches today a three-month public consultation on the Mobile Contactless Card Payments Implementation Interoperability Guidelines ( ).
These guidelines aim to be a reference for all stakeholders working on mobile contactless payments in Europe (based on card payments). In our increasingly digital society, mobile phones are more and more used to pay, including in a face-to-face situation (at a merchant’s store, for example). Mobile contactless card payments are therefore a hot topic, and standardisation in the area, which would ensure a smooth and secure user-experience wherever in Europe, is still lacking.
With stakeholders from the mobile contactless payment industry, the has updated the . The last version was published in 2011, and a considerable update was needed to reflect new technologies and regulations.
Overview of the most significant updates
- The guidelines previously only covered contactless mobile payments based on NFC (Near Field Communication) technology. Their scope has been extended to include new technical solutions such as:
- Cloud-based HCE (Host Card Emulation – a software architecture that allows the emulation of a contactless card on the mobile device) solutions which have been introduced in many European countries over the past years as an alternative to Secure Element (SE)-based solutions. HCE does not require the usage of a secure element on the mobile device for the storage of sensitive data and enables a simpler mobile contactless card payment ecosystem.
- A new type of Secure Element, the eUICC (an embedded Universal Integrated Circuit Card). In contrast to the well-known UICC (or SIM card), this is a new hardware version of a UICC which is non-removable and built-in within the mobile device by its manufacturer. It offers the user the possibility to change its mobile network operator over-the-air, without needing to physically change the embedded UICC itself.
- The concept of strong customer authentication as defined in
has been added to the document.
- The guidelines have also been enriched with an extensive set of mobile contactless payment use cases for illustrative purposes.
- New concepts such as ‘tokenisation’ and ‘payment card manager’ have been introduced.
- Finally, the guidelines are now aligned with recent standardisation work in the area (produced by EMVCo, GlobalPlatform and the European Cards Stakeholders Group).
How to participate in the public consultation?
The consultation is opened until 26 January 2018. All interested stakeholders are invited to read the updated version of the MCP IIGs, and to submit their comments via the dedicated questionnaire.
The encourages all stakeholders to have their say in order to further enhance the guidelines. All comments will be reviewed, and a final version will be published around March 2018.
If you would like to comment on this article, please identify yourself with your first and last name. Your name will appear next to your comment. Email addresses will not be published. Please note that by accessing or contributing to the discussion you agree to abide by the EPC website conditions of use.