The payments industry is regulated by a set of regulatory bodies that produce international industry standards for all payment players and merchants to follow. These regulatory bodies are formed in order to ensure maximum security across the industry, at times when cyber-attacks are becoming more frequent and smarter. One of these organisations is EMVCo. Though you may have not heard about it before, EMVCo plays a significant role in the security of card payments worldwide. Let’s dive into EMVCo and the impacts it has on the industry.
EMVCo is a technical body composed of six of the largest payment networks worldwide: Amex, Discover, JCB, Mastercard, UnionPay, and Visa. These payment networks have incredible power in shaping the payments world and defining some of its rules.
The purpose of this organisation is to facilitate the security and interoperability of payment technology worldwide, by providing and promoting standard specifications that are applicable industry-wide. However, the EMVCo is not responsible for enforcing rules or ensuring that issuers, acquirers, and merchants are compliant with them. Instead, these obligations belong to each payment network.
The EMVCo was established in 1999 and EMV initially stood for Europay, Mastercard and Visa. While it focused on debit and credit chip cards and chip terminals at that time, it has evolved to include QR Codes, eCommerce payments, and mobile contactless payments too, as these are some of the most popular payment methods. Its specifications continue to evolve to meet the ever-changing and increasingly innovative trends in the industry.
EMVCo collaborates with other standardisation and regulatory bodies in the payments industry, in order to share perspectives and ensure their worldwide goals are aligned. Some of these organisations include the NFC (Near Field Communication) Forum, GlobalPlatform, GSMA, PCI SSC, AFSCM, APSCA, ETSI, the European Payments Council, US Payments Forum, and the Secure Technology Alliance.
Some of these bodies are already quite well-known, particularly the PCI SSC and ISO. GlobalPlatform, for instance, is responsible for the standardisation of the management of applications on secure chip technologies, whereas the NFC Forum is responsible for managing NFC interactions. All of these organisations benefit from collaboration with one another in order to ensure alignment in terms of security and innovation.
Furthermore, in order to establish a more centralised and collaborative environment, EMVCo runs an Associates Programme that is open to all interested parties. These parties may include banks, merchants, processors, vendors, and other stakeholders.
As we discussed, the EMV specifications are set to provide an industry standard, rather than rules enforced on payment players. The enforcement of these standards and other rules is the responsibility of payment networks independently. The EMV specifications are the following:
Compliance with EMV means that merchants and all the other payment players are taking all the precautions needed to prevent card fraud, including investing in the right security technology. Every credit or debit card contains an EMV chip nowadays. However, before this was introduced, cards would contain a magnetic stripe that contained data that never changed. This means that fraudsters who were able to get hold of your card could instantly access all of your cardholder information. Magnetic stripe cards were also very prone to counterfeiting.
EMV chips, however, create a unique transaction code every time they are used. This means that fraudsters wouldn’t be able to duplicate your card based on a transaction, making it much safer for cardholders. EMV compliance is crucial because it means that businesses have the right point-of-sale equipment to support EMV payment technology. The card reader is EMV compliant and customers can insert their card and initiate the payment safely. If the only option offered is to swipe the card, then merchants may not be EMV compliant, and the risks of card fraud are higher.
Imburse is a cloud-based middleware connecting large enterprises to the payments ecosystem, regardless of their existing IT infrastructure. Through a single connection to Imburse, enterprises can collect or pay out using a variety of payment technologies and providers around the globe.
In a world where consumers payment preferences and technologies are ever-evolving, Imburse works with insurers to future-proof their payment requirements. Regardless of the business area, market, or requirements, Imburse will connect you to your choice of technology and provider.
Reach out to our team below should you want to discuss how Imburse can help you. Our team is happy to show you what our platform can do for your business and offer you a free demo.