By (author): Cristian Radu
As magnetic stripe cards are being replaced by chip cards that offer consumers and businesses greater protection against fraud, a new standard for this technology is being introduced by Europay, MasterCard, and Visa (EMV). This cutting-edge, new book provides you with a comprehensive overview of the EMV chip solution and explains how this technology provides a chip migration path, where interoperability plays a central role in the business model. The book offers you a better understanding of the security problems associated with magnetic stripe cards, and presents the business case for chip migration. Moreover, it explains the implementation of multi-application selection mechanisms in EMV chip cards and terminals, and shows you how to design a multi-application EMV chip card layout. This first-of-its-kind resource also discusses the organizational and management issues in connection with the EMV chip migration and the use of EMV chip cards in e-commerce and m-commerce transactions. An excellent reference for today 's IT/e-commerce professionals and post-graduate student alike, the book helps you fully understand this emerging, complex payment card technology.
Table Of Contents
Introduction.; Payment Card Processing - Payment Card Processing at a Glance. Roles Involved in Payment Card Processing. Payment Card Brands. Credit and Debit Payment Cards. Zoom on the Magnetic Stripe Card. Threats and Security Protections. Processing at the Point of Service. Payment Network and Interchange Messages. Online Authorization. Clearing and Settlement.; Chip Migration - A Business Case for Chip Migration. An Overview of the Chip Card Technology. Proprietary Payment Application. Interoperable Payment Application. ; Organization of the EMV Specifications. - EMV Data Elements and Commands. EMV File System. EMV Application Selection. EMV Certificates - Certification Mechanism and Algorithms. - Public Key Certificate for RSA Scheme. Entities and Certifiers. Entity Public Key Remainder. - EMV Certification Chains. Issuing EMV Public Key Certificates. Verifying EMV Public Key Certificates. Issuing Signed Static Application Data.; Verifying Signed Static Application Data. Debit and Credit with EMV - Overview of the EMV Debit/Credit Transaction. Initiate Application Processing. Read Application Data. Offline Data Authentication. Processing Restrictions. Cardholder Verification. Terminal Risk Management. Terminal Action Analysis. Online Processing and Issuer Authentication. Issuer Scripts. EMV chip migration issues - EMV Regulatory Framework. Deriving ICC Specifications by Issuers.; Selection Criteria of the ICC Architecture. Multi-Application ICC. Issuer 's Business Case. Adaptive Initiate Application Processing. Design Criteria for CAM Selection. Design Criteria for CVM Selection. Processing Restrictions. Card Risk Management.; Remote Card Payments and EMV - A Model for Remote Card Payments. Security Aspects of Remote Card Payments. Remote Payment Method Based on TLS. SET Based Solutions. TLS vs. SET or Wallet Servers and EMV Cards. Transaction Processing for Chip E-commerce.; Appendixes- Security Approach. Generic Security Threats. Security Mechanisms. Block Ciphers. RSA Encryption and Signature Scheme. E-commerce and M-commerce Related Technologies.;
Cristian Radu is currently an independent consultant for payment system and telecom operators in Belgium. He has over 15 years experience as an engineer, researcher and professor. Dr. Radu earned his Ph.D. in electrical engineering at the Catholic University of Leuven, Belgium.