/ 2014 10 Google (TNS) (Consumer Barometer) 80% 68% ( ) 11 11 ( 11) 571 ( 95 ) 2013 362 58% (Black Friday) (Cyber Monday) 29 42.6% ( 243 ) 2013 20% 70% Apple Pay 2014 10 20 72 22 Apple Pay 500 VISA MasterCard American Express Apple Pay () ( ) ( ) ( ) 2014 9 NFC (Near Field Communication) www.fisc.com.tw 25
(Payment ization) (First Annapolis Consulting) : ( ) (Compliance) ( ) ( ) (Social Commerce) ( ) ( ) (Omnichannel) ( ) ( ) Apple Watch Google Glass BPAY Wristbands MasterCard Nymi (Wearable) ( ) 26 / No.81 / 2015.01
( ) (Logistic) 6 1 (Amazon) APP 3 ( NFC RFID Radio Frequency IDentification ) APP USSD (Unstructured Supplementary Service Data ) 1 1 www.customerthink.com Apple Pay (iphone ipad iwatch ) Touch ID Apple Pay APP (Apple Wallet Server) ( Service Provider ) (Payment ) Apple Pay App ( ) www.fisc.com.tw 27
Apple Pay PassKit (SE Secure Element) APP (ization ) ( ) Apple Pay 2014 3 EMVCo (EMVCo ization Specification v1.0) EMV (Card-Present Transactions) (None- Card-Present Transactions) ) ization EMV Encryption 1 1 EMV, Encryption, and ization How EMV, Encryption, and ization Protect Transactions Card-Present Transactions Cord-Not-Present Transactions Protects against: Using: Protects against: Using: Counterfeit cards Card authentication Not applicable. Not applicable Can be used with EMV Re-using stolen data Dynamic data separate reader, but Lost/stolen cards (with PIN) Cardholder verification (PIN) not widely deployed. Stealing data in transit P2PE or E2EE Stealing data in P2PE or E2EE transit Encryption Stealing data at rest Re-using stolen Various methods of encryption Stealing data at rest Re-using stolen Various methods of encryption encrypted data encrypted data Stealing data in transit Specific-use or limited-use Stealing data in Specific-use or Stealing data at rest token replacement for transit limited-use token ization Re-using stolen data payment card data 31 Stealing data at rest replacement for Re-using stolen data payment card data Smart Card Alliance 28 / No.81 / 2015.01
( ) 1. (PAN Primary Account Number) ( Requestor ) ( EMVCo VISA MasterCard American Express ) ( Assurance (ID&V)) 2 2. EMVCo ( Requestor ID) 3 Requestor Requestor ID Requestor Information Domain Restriction Controls Requested Assurance Level Legend Servive API Interface Existing Interaction Requestor Servive Provider Issuer Presentment (Server) Request Cardholder Assurance (ID&V) PAN Merchant or Digital Wallet 2 EMVCo ization Specification v1.0 Servive Provider 3 EMVCo ization Specification v1.0 ( ) ( ) ( ) / 4 www.fisc.com.tw 29
PAN and Fields Acquirer Payment Networks Issuer / Processor NFC Smartphone ized Credentials in Cloud ized Credentials in SE Merchant TSP Interface ize / Detokenize Servive Provider (TSP) 4 Smart Card Alliance ( ) 1. EMVCo (BIN Bank Identification Number) 2. EMV EMVCo 5 5 EMV Smart Card Alliance 30 / No.81 / 2015.01
行動支付創新之商業營運模式發展趨勢〡本期企劃 ( 五 ) 代碼發行與控管機制 收單銀行特約商店之刷卡端末設備 只要符 合 EMVCo 晶片標準均可適用 無須特別配合 依 據 EMVCo 代 碼 化 規 格 發 展 方 案 未 修改 發卡銀行擇定代碼服務商作業模式後 來卡片業務發卡模式將朝一卡 ( 帳戶 ) 裝備 只須小幅度修改與代碼服務商的代碼賦予及交 無卡片提示 ( 或電子商務 EC 類 ) 交易 QR- 易授權驗證系統訊息 即可快速提供代碼化作 Code 支付類型交易 批次扣款或清算交易等 業模式服務 代碼化交易之作業流程及其與 均使用代碼取代原信用卡卡號 授權交易訊 EMV 卡片之發卡與交易處理差異 分別如圖 息 並融合於各國際卡片業務組織 ISO8583 6 及 7 所示 訊息傳輸標準中 因此 導入代碼化功能 圖 6 支付憑證代碼化交易作業架構流程 資料來源 EMVCo ization Specification v1.0 www.fisc.com.tw 31
7 EMV gemalto NFC ( ) VISA MasterCard American Express Apple Pay 500 ( ) ( ) EMVCo 32 / No.81 / 2015.01
( ) ( ) ( ) NFC (SE) Google Android Host-based Card Emulation ( HCE) Android KitKat HCE TSM HCE ( ) ( ) Apple Pay TSM / www.fisc.com.tw 33
/ 1. VISA (www.visa.com) 2. MasterCard (www. mastercard.com) 3. (www.apple.com) 4. EMVCo (www.emvco.com) 5. Wikipedia (en.wikipedia.org) 6. www.customerthink.com 7. www.gemalto.com 8. First Annapolis Consulting, Inc. (www. firstannapolis.com) 9. Android (http://developer.android.com/ index.html) 10. Smart Card Alliance (http://www. smartcardalliance.org) 34 / No.81 / 2015.01