[Dave Birch] EMV migration in the UK is complete, as you all know, and the fact of the matter is that it went pretty smoothly and on the whole, worked rather well. According to APACS cards and fraud control manager of operations, Martin Lewis, and head of cards technical unit David Baker, there are now 133 million chip and PIN cards in operation, supported by 900,000 sales terminals and more than 61,000 ATMs. The migration is spreading around the world, all the way up to the U.S. border. When even Canadian and Mexican migration is complete, will the U.S. then be forced to issue EMV? Probably not, because of on-line authorisation. Besides, who knows what new technologies will be dominating the retail payments space by then?

Technorati Tags: ,

As has been noted, whereas the vast majority of the EMV cards shipped to banks around the world to date have been the less expensive Static Data Authentication (SDA) kind that can be cloned rather than the more expensive Dynamic Data Authentication (DDA) kind that cannot, in the last quarter of 2006 (according to the Smart Payment Association) the DDA cards accounted for 27% of the almost 100m EMV cards shipped. This fraction will certainly increase over the coming years, not simply because banks will in general shift to the secure cards but because the introduction of dual-interface and contactless cards increases the pressure for offline (ie, faster) transactions and offline transactions need DDA (which is why Visa has mandated for DDA for dual-interface cards outside the US).

As the volumes go up, the prices will continue to fall (the Visa/MasterCard specification white plastic DDA cards are already down to a couple of euros. It’s time to start thinking about adding PKI-based applications to the DDA cards (DDA cards have cryptographic co-processors on board capable of doing the asymmetric cryptography necessary) and implementing genuine end-to-end security for financial services instead of one-time passwords and pictures of grandmothers.

These opinions are my own (I think) and presented solely in my capacity as an interested member of the general public [posted with ecto]

Leave a Reply


Subscribe to our newsletter

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

By accepting the Terms, you consent to Consult Hyperion communicating with you regarding our events, reports and services through our regular newsletter. You can unsubscribe anytime through our newsletters or by emailing us.
%d bloggers like this: