Engaging, Enabling and Evolving Commerce in Canada since 1989

February 2013 ACTion Newsletter

Welcome to the February edition of ACTion News. This complimentary service is provided by ACT Canada; "building an informed marketplace". Please feel free to forward this to your colleagues.

If you would prefer to receive this newsletter in plain text please email your request to andrea@actcda.com.


  1. Editorial - Delivering On The Mobile Promise
  2. MasterCard's Digital Wallet Strategy Takes A Big Step Forward With MasterPass
  3. Enstream To Enable SecureKey Authentication Technology On Bell, Rogers And Telus Smartphones In Canada
  4. Visa Debuts New Mobile Payments And NFC Partner Program For Merchants And Developers, Ready
  5. PayPal Hit UK Retailers With Here – The First Step In Their Global Move – Members Only Story
  6. VeriFone And MasterCard To Demonstrate Omni-Channel Checkout Experience To Merchants And Consumers
  7. Changing Consumer Credit Behavior Benefits Mobile Payments
  8. Gemalto Launches New Mobile Wallet Application
  9. Eye On M-Commerce: Amazon Coins A Digital Currency; Google Cites New 'Forms Of Payment' – Members Only Story
  10. American Express Syncs With Twitter To Unlock The Purchasing Power Of The #Hashtag
  11. Symantec And G&D To Partner On Protected Security Applications For Smartphones And Tablets
  12. Merchant Advisory Group (Mag) Payments Roadmap Update
  13. Oberthur Technologies' New NFC Embedded Secure Element Receives Google Wallet Certification Following Mass Deployment In Google Nexus Devices
  14. Report: Isis Redesigning Mobile Wallet For Expansion To Apple's IOS – Members Only Story
  15. Collis Brand Test Tool Now Qualified By MasterCard For ATM Testing
  16. Visa Inc. And JPMorgan Chase Sign Letter Of Intent For New And Expanded Partnership Agreement
  17. The Hub Joins The Multos Consortium
  18. Europe Shifting To Digital Money And Online Sales For Micropayment – Members Only Story
  19. Infineon Debuts Coil On Module To Support Global Contactless Payment Applications
  20. China Unionpay, Gemalto To Bring NFC Ecosystem To China
  21. Monitise, Blackberry Launch BBM-Based Mobile Payment Scheme In Indonesia – Members Only Story
  22. Oberthur Technologies Certified By MasterCard For The New NFC Embedded Secure Element With Mobile PayPass Applet
  23. FIME Obtains EMVCo Accreditation To Test Secure Elements In Contactless Payment Environments
  24. 3 In 4 Mobile Users Conduct Banking Activities Using Smartphones – Members Only Story
  25. Giesecke & Devrient Is Securing Mobile Life: In Cars, In Payments, And In The Cloud
  26. Visa Offers A 'Generic, Unbranded' Aid To Make EMV Durbin-Compliant
  27. KDDI Using Gemalto TSM In The World's First Commercial NFC-Based Flight Boarding Service For Japan Airlines
  28. Square Creates Full POS System In One Package For Ease Of Adoption – Members Only Story
  29. Oberthur Technologies And Smart Catch International To Provide Trusted Service Management For NFC Service Deployments In Taiwan
  30. Look For Lenovo, PayPal, Launch Post-Password Plan
  31. Rewards, Subsidies Help Spur Activity For Isis In Mass Transit And Vending – Members Only Story

ACT Canada Partner:


Visa Canada Inc.
Visa operates the world's largest retail electronic payments network and is one of the most recognized global financial services brands. Visa facilitates global commerce through the transfer of value and information among financial institutions, merchants, consumers, businesses and government entities.




Presidents Choice Financial ~ member since 2008


INSIDE Secure SA ~ member since 2008
KPMG Management Services LP ~ member since 2011
Torys LLP ~ member since 2012



ACT Canada has launched a Job opportunities section on our web site. Please visit www.actcda.com to see the latest job postings in our industry.

Wanted: Executive Assistant
ACT Canada is seeking a highly organized person who can adapt and work in a fast paced environment. This person must get satisfaction from assisting executives so that they can do their best work. If that describes someone you know, please have them email Britteny at info@actcda.com, with resume and contact information. We will follow up from there.


There is a lot of movement in the market, so if you are looking for new employees, we are always aware of some great people. Please contact ACT Canada for more details – postings@actcda.com.



Canadian Wireless Telecommunications Association presents NFC Payments Canada 2013
March 20, 2013
Toronto Board of Trade
Toronto, ON, Canada

ACT Canada EMV Roadshow will be at the following events:

Card Forum
April 7, 2013
Boca Raton, FL, USA

Cartes America
April 23, 2013
Las Vegas, NV, USA

NFC Solutions Summit 2013
May 15-16, 2013
Presented by The Smart Card Alliance and the NFC Forum
Hyatt Regency San Francisco Airport
Burlingame, CA, USA

Cardware 2013: Payment Insights
June 18-19, 2013
Marriott Gateway on the Falls
Niagara Falls, ON, Canada
ACT Canada members receive discounts

Source: Catherine Johnston, President & CEO, ACT Canada (02/27)

Delivering on the Mobile Promise

What can I say that is new on this subject. We have always known that technology will support anything we want to do in the mobile space. We have always suspected that different solutions such as NFC, embossed SIMs and Micro SDs would all be deployed to meet specific needs. We knew that the business case would be extremely difficult to build given the expansion of the traditional payment model to include carriers and potentially TSMs. Having said that, there is something new. The dialogue around mobile is coalescing on what consumers do and don't want and what is needed to provide a sustainable growth market.

TSMs go a long way to making mobile a healthy market for serious business, not just gaming and consumer convenience apps. They address many of the concerns that we had in the early days, but we now need to address the remaining barriers. Our members of the Mobile Strategic Leadership team are making headway and Cardware 2013 unabashedly tackles those barriers, with a look to how to move forward with mobile and with e-wallets. Hope to see you there.

With Profound Thanks
I was in a crowded ballroom when the leader of the opposition, Pierre Trudeau, broke the news that Canadian embassy staff had successfully smuggled six Americans out of Iran, at risk to their own lives. To Ken Taylor, the family of John Sheardown, Patricia Taylor, Zena Sheardown, and embassy staff members Mary Catherine O'Flaherty, Roger Lucy, and Laverna Dollimore, I would like to say thank you. This was not your job. This was an act of valour and exemplifies humanitarianism. You made us proud to be Canadian, you humbled us with your courage and you inspired us to be better people.

I do not personally know any of these fine people, but if you do, please pass along my thanks.

To Major General (Retired) Clive Addy, Jim Robbins and Paul Zatychec, people I do know, thank you for what you have done for this country.

Source: MobilePaymentsToday (02/25)

MasterCard is beginning this year's Mobile World Congress by announcing the evolution of its digital wallet strategy. The payment company is introducing MasterPass, a new digital service that not only lets consumers store their payment credentials in a digital wallet for online shopping, it will also support access to those credentials through mobile devices at the point of sale.

MasterCard has also announced a number of partners supporting the MasterPass suite of services including issuing banks, merchants and payment technology providers.

MasterCard provides a missing link

MasterPass is the next step for MasterCard's PayPass Wallet Services introduced at last year. With the PayPass Wallet, consumers could store their payment credentials securely within the cloud along with information like billing and shipping addresses. Online merchants could integrate the PayPass wallet into their checkout process so that with a few clicks online customers could complete their transactions. The intent of the PayPass Wallet was to make online shopping through mobile devices simpler and quicker, eliminating the need to enter a large amount of data using tiny mobile screens. It even allowed users to store non-MasterCard brand cards.

With the new MasterPass services, payment credentials entered into the digital wallet will support technologies for payments in brick-and-mortar stores as well. That means that providers using technologies like NFC and QR codes at the point of sale can integrate with MasterPass and use it to store consumer data safely in the cloud, accessing those credentials whenever a purchase is made.

"Every device is becoming a shopping device," said Ed McLaughlin, chief emerging payments officer, MasterCard, in a statement. "MasterPass brings together all of the ways we pay for things, from traditional plastic cards to digital wallets, and gives consumers the ability to make a payment from wherever they are and with one simple experience."

What this cloud-based approach means for mobile payments is that one of the major players in the space seems to be moving away from storing payment data on a secure element embedded in a mobile device. Control of the secure element has been an issue as NFC-based mobile wallets have developed. For instance, Google Wallet has been effectively blocked by mobile network operator Verizon Wireless on the NFC-enabled handsets it offers to its subscribers. Instead, Verizon allows only the mobile wallet from Isis, of which it is a one-third owner, on handsets it sells.

An open wallet for all

Like PayPass, MasterCard is making MasterPass wide open so partners like merchants, financial institutions or technology providers can build their own wallets on top of MasterPass. MasterCard has even gone so far as to allow any branded credit, debit and prepaid card to be stored in a MasterPass account.

As a part of introducing MasterPass, MasterCard has also announced a large group of merchants, FIs and technology companies who are working with Mastercard in support of MasterPass. Partners include major banks like Banco Santander, Citi and Fifth Third. Financial technology companies including VeriFone, Cardinal Commerce and mFoundry are also supporting MasterPass. And MasterPass will be available at more than 5,900 merchants, MasterCard said.

"We understand the strategic importance of achieving true and global convergence in acceptance, security and simplicity across all channels, including digital," said Javier Herraiz, global director of innovation in payments for Santander Cards. "MasterPass allows us to offer to our customers, cardholders and merchants an immediate competitive solution for e-commerce, and a great foundation for new in-store experiences."

MasterCard said MasterPass will be available to consumers through FIs starting this spring. Australian and Canadian consumers will be able to access MasterPass by the end of March. The United States will see MasterPass later this spring with the U.K. getting the MasterPass service in the summer. MasterPass will be available in other markets around the world throughout 2013 including Belgium, Brazil, China, France, Italy, Netherlands, Singapore, Spain and Sweden, MasterCard said.

MasterCard is a member of ACT Canada and a Cardware sponsor; please visit www.mastercard.ca.

Source: SecureKey Technologies (02/20)

SecureKey Technologies today announced that it has completed an agreement with EnStream, a joint venture of Bell Mobility, Rogers Communications, and TELUS Corporation, to enable SecureKey authentication technology on mobile phones in Canada.

"We are excited to be working with EnStream and its mobile service provider partners to greatly expand the number of devices that will support SecureKey's authentication, identity and online payment solutions," said Charles Walton, CEO of SecureKey Technologies Inc. "Our solutions allow people to use real-world payment and identity cards with their mobile phones to enhance online security and payments in a simple and convenient manner."

SecureKey recently launched SecureKey Concierge, a new authentication service for the Government of Canada that enables Canadians to use their bank authentication credentials to obtain access to online government services like pension, tax and benefits. It is part of the Canadian Government's Federated Identity Management strategy, which promotes the interoperability of security credentials to create a lower cost, more convenient, and more secure authentication ecosystem for consumers and business.

The EnStream partnership makes more devices available that can be used to enhance security and privacy for this and many other services. "EnStream's mandate is to accelerate the adoption of secure, SIM-based NFC mobile payments in Canada through common platforms. Our partnership with SecureKey gives Canadians an innovative and valuable solution that can be used with services from government, healthcare providers and financial institutions," said AlmisLedas, COO of EnStream. "SecureKey is the first credential issuer to announce that it will make use of our ability to deploy secure credentials on SIM-based secure elements for mobile carriers in Canada."

The use of NFC-based contactless cards is growing rapidly as a global standard to enhance security and privacy, and reduce identity theft and fraud. By enabling its technology on mobile phones and tablets, SecureKey allows consumers and businesses to securely access online services and affect online payments simply using their mobile devices for enhanced security and authentication. Working with mobile wallets, SecureKey can also enable secure access to stored credentials, making the online experience more seamless.

SecureKey Technologies is a member of ACT Canada; please visit www.securekey.com.

Source: TechCrunch (02/22)

Visa is ramping up its partner program to help integrate its payments technologies in mobile devices and platforms. The new initiative, called the Visa Ready Partner Program, aims to help mobile device manufacturers, technology partners, mobile network operators, and others gain access to Visa IP, licenses and more.

While Visa has an existing program for the approval of mobile NFC-enabled devices, the company is revealing a new program to enable APIs, and SDKs for all mobile point-of-sale acceptance and payments. In addition, Visa has developed the new Visa Ready symbol to identify payment devices and solutions approved for use with Visa payments.

The program itself has a number of layers. First, it is a resource for developers to determine whether devices, software and other technologies used to initiate or accept Visa payments are compatible with Visa's requirements, which Visa says, varies by country. For financial institutions and merchants, the Visa Ready Partner Program will provide the ways that these companies can adopt and access tested and secure mobile payments solutions.

As part of the program, Visa will make APIs and SDKs available to allow mobile point of sale providers to connect to Visa via payments gateways CyberSource and Authorize.Net. Visa says it will also provide other tools, applications and services to help developers build products that are compatible with magnetic-stripe, EMV-chip, and contactless-card payments.

Visa is also streamlining its compliance testing process for both mobile NFC devices and secure chips that host the Visa payWave application. Part of this process includes establishing a required signal range for mobile NFC-enabled devices hosting the Visa payWave application.

Visa, which invested in payments company Square a few years ago, is looking for more ways to be part of the development process of new technologies as more companies and startups dip their toes in mobile payments products. This program is a way to work with developers to make sure they are developing secure products, and incorporating the ability to accept Visa into these payments portals.

Visa is a member of ACT Canada and a Cardware sponsor; please visit www.visa.ca.


Available in the ACT Canada Members Only section of our web site. Click on the link below to access this section

If you are a member of ACT Canada but do not have your login details please contact info@actcda.com.

Source: VeriFone (02/25)

VeriFone Systems, Inc. and MasterCard, announced an agreement that enables consumers and merchants to use the MasterCard MasterPass service, unveiled at Mobile World Congress, at the point of sale – both at the register and in the aisle.

VeriFone and MasterCard plan to integrate MasterPass as a cloud-based payment option within VeriFone's GlobalBay Mobile Point of Sale (mPOS) and GlobalBayClienteling applications. This will allow shoppers to access their MasterPass wallet accounts to pay from anywhere in the store on mobile devices – such as smart phones and tablets – using the GlobalBay software. Additionally, VeriFone will continue to support contactless acceptance of the MasterPass wallet.

MasterPass is the evolution of PayPass Wallet Services, which was announced in Spring of 2012 and has been in a production trial with select merchants and issuers. The digital service allows consumers to use any payment card or enabled device to discover enhanced shopping experiences that are as simple as a click, tap or touch – online, in-store or anywhere.

VeriFone's GlobalBaymPOS application helps retailers improve the overall customer experience by enabling them to arm associates with mobile devices to scan items, apply coupons and discounts, and complete transactions from any location in the store. The GlobalBayClienteling application helps build more personal and profitable customer relationships by enabling associates to record consumer preferences and buying habits, and leverage customer data for promotions and cross-selling. The MasterPass integration will take the commerce experience further, combining retailer data with actual purchase data for more targeted customer offers.

"Consumers want to shop and pay in whatever way best fits their needs and lifestyles, from every device they have, with a simple tap, click or touch at the register, in the aisle, at home, on the go – or anywhere else," said Ed Olebe, group head, MasterPass Services, MasterCard. "We look forward to working with VeriFone, a world leader in enabling new forms of payment acceptance at the point of sale – wherever that may be, to help deliver easy, fast and secure ways to make in-store payments and create new shopping experiences for merchants and consumers alike."

"VeriFone is continuing to improve the consumer shopping experience and drive omni-channel adoption by helping retailers adopt the new wallet and alternative payment innovations their customers are demanding," said Jennifer Miles, executive vice president of North America for VeriFone. "VeriFone's experience and assets enable us to manage the complexity of integrating these new technologies into the existing retail infrastructure, whether the format is NFC, QR code or the cloud."

VeriFone's customer base includes 75 percent of the top 200 largest retailers in the U.S., providing additional opportunities for cloud-based wallet acceptance.

MasterCard and VeriFone are members of ACT Canada and Cardware sponsors; please visit www.mastercard.ca & www.verifone.com.

Source: MobileMarketingWatch (02/18)

Mercator Advisory Group has published some interesting findings in a new research report highlighting changing consumer behaviors with regard to credit cards.

As it turns out, younger shoppers aren't into plastic quite like their elders were and still are.
The report titled "Consumers and Credit 2012: Come Back, Young Cardholders" indicates that only 59 percent of young adults in this age group now have credit cards. 70 percent of seniors, meanwhile, are packing plastic.

All told, debit is bypassing credit with younger shoppers. 36 percent of young adults use debit cards as opposed to just 12 percent of seniors.

"The anticredit card sentiment appears to be waning," said Karen Augustine, manager of CustomerMonitor Survey Series at Mercator Advisory Group. "But issuers need to address the needs of the young adults in order to stimulate greater credit card volume."

According to eCommerce analyst Sinclair Briar with the XK Mobile Solutions, today's young shoppers will drive mobile payment and NFC adoption through the roof in coming years.

"Make no mistake about it," Briar says, "today's consumers do not have an aversion to spending. They are the most debt heavy young society in human history. It's just their payment preferences which are shifting. NFC tests very positively with focus group of shoppers under the age of 40. Mobile payment options are resonating with this group solidly. Diminishing credit card access is only going to benefit mobile momentum in the long run."

Mercator Advisory Group is a member of ACT Canada; please visit www.mercatoradvisorygroup.com.

Source: Gemalto (02/25)

Gemalto is launching its LinqUs Mobile Wallet – the complete suite of secure software solutions that enables a range of NFC services, mobile banking, mobile payment and loyalty programs, all integrated in a single wallet. Showcasing for the first time at Mobile World Congress 2013 (Hall 5 Stand 5G120), the new LinqUs Mobile Wallet extends Gemalto's software offers and is fully integrated with the broader portfolio of mobile financial services (MFS) solutions. It enables financial service providers and retailers to rapidly deploy a breadth of services that can be customized to their specific needs.

Gemalto's LinqUs Mobile Wallet solution includes a secure application framework, a dedicated mobile wallet server, and connectivity with Gemalto's secure platforms for TSM (Trusted Service Management) and mobile payment.

Designed to optimize convenience for end users, consumers can link to existing accounts and cards, or set up new services easily. They can confidently conduct all their banking activities straight from their smartphone, along with transportation, ticketing and access applications. In addition, the wallet also incorporates loyalty and couponing programs for consumers and enables targeted mobile marketing campaigns.

Gemalto's backend platforms are pre-integrated with the mobile wallet, creating the ideal environment for swift adoption by service providers. With over 70 deployments of Mobile Financial Services solutions worldwide, LinqUs Mobile Wallet provides best-in-class security in mobile payment deployments. Furthermore, it is proactively tested on leading smartphone models and with a range of NFC secure elements to ensure 'out of the box' operability and minimize testing costs.

"Interest in mobile financial services is accelerating due to the convenience and added user-engagement that they provide," said Jean-Claude Deturche, Gemalto Senior Vice President, Mobile Financial Services. "By offering a rich suite of front-end mobile applications, through which end users can access the services delivered by our powerful servers, the Mobile Wallet sets new standards in terms of choice, flexibility and freedom to tailor solutions to individual requirements."

Gemalto is a member of ACT Canada and a Cardware sponsor; please visit www.gemalto.com.


Available in the ACT Canada Members Only section of our web site. Click on the link below to access this section

If you are a member of ACT Canada but do not have your login details please contact info@actcda.com.

Source: PYMNTS.com (02/11)

American Express announces a new social commerce experience that turns Twitter #hashtags into purchases in a unique and seamless way. American Express Cardmembers who sync their eligible Cards at sync.americanexpress.com/twitter and tweet special #hashtags can buy American Express Gift Cards and products from Amazon, Sony, Urban Zen and Xbox 360. American Express' proprietary Card Sync technology powers the experience. Card Sync first launched on Twitter last March to deliver couponless savings to Cardmembers who tweet special offer #hashtags from merchants.

"Based on the initial success of Amex Sync for offers, we know there is significant power in combining our assets with Twitter's platform to bring value to Cardmembers and merchants," said Leslie Berland, Senior Vice President, Digital Partnerships and Development at American Express. "Now, we're leveraging our unique technology and closed-loop network to introduce a seamless solution that redefines what's possible in the world of social commerce."

American Express is a member of ACT Canada; please visit www.americanexpress.ca.

Source: Giesecke & Devrient (02/21)

Symantec and Giesecke & Devrient (G&D) announced that they have signed an agreement to collaborate on the development of protected security applications on smartphones and tablets.

The cooperation leverages the highly secure Trusted Execution Environment (TEE) on smart mobile devices. The innovative concept sees applications' sensitive components and data securely transmitted, stored and executed in a hardware protected area on the main processor of mobile devices. It helps application developers deliver products and services that meet increased security requirements without impacting flexibility and productivity.

Symantec plans to update its mobile applications so that they leverage G&D's Trusted Service Manager (TSM) and the underlying TEE to protect cryptographic keys and credentials. This integration will yield an unprecedented level of security for Symantec's mobile security apps. Symantec's first such application will be an ultra-secure version of Symantec Validation and ID Protection Service (VIP) two-factor authentication, which enables users to gain an added level of security when logging into important cloud-based services. The application is expected to be available the second half of 2013.

"This collaboration enables Symantec's products and services to deliver critical security solutions leveraging highly secure hardware components in mobile devices," said Stephen Trilling, Symantec senior vice president and chief technology officer. "We're pleased that Symantec's VIP Service will be the first to utilize this secure store to deliver additional value to our customers who use our service to give their mobile users secure access to sensitive applications and data."

"At the same time, the simple activation process makes it easy and cost effective for companies to integrate mobile protection into their IT infrastructures to meet their needs," says Wolfgang Decker, group vice president at G&D. "Our collaboration shows that flexibility and security are not necessarily mutually exclusive," Decker adds.

Giesecke & Devrient is a member of ACT Canada and a Cardware sponsor; please visit www.gi-de.com.

Source: PRWeb (01/31)

The Merchant Advisory Group (MAG), a cross-industry association of large merchants involved in the payments industry, is updating its U.S. payment roadmap clarifying its position on debit routing and reinforcing its support for a common set of standards and market-motivating rule changes to effectively deter e-commerce fraud. The MAG released its original recommendations on January 11, 2012. Several other organizations, including most major card networks, released their U.S. payment roadmaps around the same time. MAG members represent a broad cross-section of the merchant community that accounts for the majority of payment card transactions in the United States. Because MAG members are key stakeholders in the existing payments infrastructure--and would be in any new payments infrastructure--their views and perspectives must be taken into consideration.

The MAG advocates a collaborative approach to developing a long-term payments strategy for the United States. To that end, it has conducted a series of meetings with industry stakeholders including networks, banks and major merchant processors. These meetings have identified debit routing as a fundamental issue, which, until resolved, will impede progress towards a final solution for chip and PIN in the United States. Stakeholders are in agreement that a solution to the issue needs to comply with Federal Reserve Regulation II mandating merchant choice in debit routing and must not restrict competition among debit networks.

Although stakeholders appear to have coalesced around a solution that would require debit networks to use a common AID, implementation of the solution continues to be the subject of debate. Meanwhile, network mandates, which require merchant processors to conform to new technical requirements for processing chip transactions by April, 2013, remain unchanged.

The MAG strongly suggests that deadlines for existing network mandates and liability shift implications be extended to allow a more reasonable time frame for all stakeholders to migrate towards EMV. More specifically, the MAG suggests that for every month that passes without a consensus solution to the debit issue, a month needs to be added to all of the originally announced mandates. This implies that existing mandates must now be extended by over one year from the date they were originally announced.

Additionally, it is evident that no common solution has been identified yet by the industry to address the certain migration of fraud from the face-to-face channel to the e-commerce channel. Recent experience with the Canadian migration to chip & PIN serves as further evidence of this phenomenon. Existing attempts to address e-commerce fraud by the networks are unacceptable to most e-commerce merchants and result in lost sales and confusion by consumers attempting to complete online purchases. Consumers are unwilling to adopt hundreds of different two-factor payment validation solutions for e-commerce payments. EMVCo created one common consumer interface for two-factor authentication of card-present transactions. Likewise, the payments industry must develop an interoperable structure for e-commerce transactions. The MAG expects, based on actual results from other markets, the current rollout of EMV will do nothing to mitigate fraud, but it will shift the burden of fraud from card issuers and face-to-face merchants to e-commerce merchants.

The MAG continues to work with other payment industry stakeholders to address the need for a comprehensive solution to payment card fraud. While mindful of the need for a timely solution, the MAG remains steadfast in its concern that any solution must comply with existing law, must preserve or enhance the competition for debit services and must prevent fraud for the entire payment industry in order to reduce costs for all stakeholders, including all merchants.

The Merchant Advisory Group is a member of ACT Canada; please visit www.merchantadvisorygroup.org.

Source: Oberthur Technologies (02/21)

Oberthur Technologies announced the Google Wallet certification of PEARL, its new embedded secure element.

Besides being the most advanced multi-application embedded secure element, PEARL 800k Classic is also the first of its kind to be certified by Google. This allows compliance to Google Wallet to host NFC payment, loyalty, promotional offers and couponing applications which require stringent levels of security.

Already deployed in Google Nexus 4 smartphones and in Google Nexus 10 tablets, the PEARL embedded secure element is ready to be integrated into any type of any AndroidTM device.

"This certification is the result of a best-in-class embedded secure element and Google Wallet integration work by joint teams" said CédricCollomb, Telecom Business Unit Managing Director at Oberthur Technologies. "We are delighted to be recognized by Google as a trusted partner for the deployment of secured NFC services in the Google Wallet".

Oberthur is a member of ACT Canada and a Cardware sponsor; please visit www.oberthur.com.


Available in the ACT Canada Members Only section of our web site. Click on the link below to access this section

If you are a member of ACT Canada but do not have your login details please contact info@actcda.com.

Source: UL (02/13)

UL is pleased to announce that the Collis Brand Test Tool, developed by UL's Transaction Security team, has passed qualification by MasterCard for its new ATM module.

The last couple of years, terminals with motorized readers became smarter detecting possible fraud. For that reason it became more and more difficult to let them accept a wired probe during testing. Our new solution comes with programmable cards for motorized readers.

The new process of testing will make use of these cards in the following way. First, the cards will be personalized in a few seconds to behave exactly like a formal MasterCard or Visa test card. Subsequently, the test case from the scheme's test plans will be executed, exactly in the way the Collis Brand Test tool users are used to. After execution, the logging from the card will be read and included in the verdict of the test. The tool will provide the same outstanding level of step-by-step guidance to the user.

In addition to that, the Collis Brand Test Tool has the ability to simulate any test card, both contact and contactless. Using card simulation takes away the need for physical cards that can get corrupted or lost. The Collis Brand Test Tool provides clear user guidance and it is fully aligned with the Test Specifications of the seven major worldwide payment schemes. It also provides full insight in the technical details of the communication between the card and the terminal on the one side and between the terminal and the network on the other side. This allows a tester to gain detailed insight in the behaviour of the system from end-to-end.

"UL continues to develop high quality test tools for the payment market by improving and expanding the Collis Test Tool portfolio. The ATM module was desired by our customers for a long time, so we are very excited we can now offer this module. We are confident that our customers will benefit from this qualification as it will help them with reducing the time to market and increasing their confidence in their test results," adds Dirk Jan van den Heuvel, Managing Director of UL's Transaction Security service line.

Collis, together with RFI Global and Witham Laboratories, was recently rebranded to UL .The Collis test tool portfolio will remain its strong brand and will continue to be further developed and expanded.

MasterCard and UL are members of ACT Canada and Cardware sponsors; please visit www.mastercard.ca & www.ul-ts.com.

Source: PYMNTS.com (02/26)

Visa Inc. and JPMorgan Chase & Co. announced that the companies have agreed to a letter of intent for a new and expanded 10-year renewable partnership agreement. The partnership is designed to accelerate the growth of electronic payments, deliver added value to merchants and provide a better experience for cardholders.

Under terms of the planned deal, JPMorgan Chase will launch Chase Merchant Services, a payments platform powered by Visa that JPMorgan Chase will use to create more differentiated experiences for its merchants and cardholders. The platform will process transactions initiated with JPMorgan Chase-issued Visa cards at merchants that JPMorgan Chase enrolls in Chase Merchant Services.

Chase Merchant Services combines the capabilities of JPMorgan Chase's acquiring business, support functions and extensive card portfolio with a customized processing solution that Visa and JPMorgan Chase will create using Visa's network, VisaNet.

As part of the agreement, JPMorgan Chase also will shift additional credit and debit card volume to Visa, driving more transactions on the Visa network.

"We look forward to expanding our partnership with JPMorgan Chase and further driving the migration to electronic payments by offering superior and unique value to merchants and cardholders," said William Sheedy, Group President, Americas, Visa Inc. "As technology drives the evolution of the payments industry there are more opportunities to deliver value for merchants and cardholders at the point-of-sale. Visa is focused on innovating to allow clients of all sizes to differentiate based on their strategy, priorities and customer needs. This effort with JPMorgan Chase is one example of Visa's increased flexibility and desire to partner with financial institution and merchant clients to provide greater service to cardholders through tailored and value-added solutions."

"We are pleased to extend our long-term partnership with Visa," said Gordon Smith, CEO of Consumer & Community Banking, JPMorgan Chase. "Chase Merchant Services enables us to build direct relationships with merchants and give enhanced benefits, such as targeted offers and discounts to Chase Visa cardholders."

Chase Merchant Services is expected to be operational by the end of the year

JP Morgan Chase and Visa are members of ACT Canada and Visa is a Cardware sponsor; please visit www.chase.com & www.visa.ca.

Source: MULTOS (02/06)

The Hub Company has joined the MULTOS Consortium, a group of international blue chip organisations responsible for the promotion and development of the MULTOS specifications.

Joining as a Professional Partner Member, The Hub can take part in the development and growth of MULTOS, whilst benefiting fully from the Consortium's marketing and networking resources with Members that span the secure smart device industry.

Sam Rudder, CEO, The Hub, says "We are delighted to join the MULTOS Consortium. We have been integrating our issuance platform for MULTOS products for over 4 years. As a result we were able to release a unique service for both instant issuance and in market 'perso' with MasterCard approval in 2011. We are now ready to open up issuance of secure devices using MULTOS multi-application products for both mobile as well as cards used for every day payments."

Stuart Attwood, Commercial Director of the MULTOS Consortium, comments "With the continuing success expanding into existing EMV, government identity, and progress in new markets MULTOS is exploring within the Mobile commerce environment, The Hub is a welcome addition to the Consortium. Their long experience designing solutions for numerous top tier customers, coupled with an extensive background in e-commerce and software-as-service provision, they bring an exciting dynamic to the table, and we are very much looking forward to developing new opportunities with them."

MULTOS is a member of ACT Canada; please visit www.multos.com.


Available in the ACT Canada Members Only section of our web site. Click on the link below to access this section

If you are a member of ACT Canada but do not have your login details please contact info@actcda.com.

Source: SecureID News (01/30)

Infineon, a manufacturer of semiconductor solutions for payment applications, introduced its Coil on Module chip package to support global distribution of dual interface bank and credit cards.

The new Infineon chip package combines the security chip and antenna using a radio frequency (RF) link - rather than the common mechanical-electrical connection – which improves the robustness of the payment card and simplifies card design and manufacturing.

In conventional card manufacturing processes, the chip module is connected to the card antenna via soldering connections or conductive paste. This method is complex and requires individual adaptation of the antenna design to the respective chip module.

Using the Coil on Module chip technology, card manufacturers can produce dual interface cards up to five times faster with more efficiency. This also makes the card more robust as conventional connections between the chip module and the card antenna – which can be damaged by mechanical stress to the card – are eliminated.

In addition to bank and credit cards, Infineon's Coil on Module chip package is also suitable for other types of dual interface smart cards such as electronic access controls, public transport ticketing and electronic identity documents.

Infineon Technologies is a member of ACT Canada; please visit www.infineon.com.

Source: MobilePaymentsToday (02/25)

Digital security provider Gemalto announced it will be partnering with China's UnionPay to build a secure mobile NFC ecosystem across China. Considering UnionPay is the only domestic payment scheme servicing China, with more than 3.5 billion cards issued, that's a sizable undertaking.

According to a release on the partnership, Gemalto will be providing a number of services including TSM interoperability, security and operational guidelines, plus technology standards and specifications.

"We believe that mobile payment has enormous potential in China," Chai Hong Feng, UnionPay EVP, said in a statement. "UnionPay is a staunch supporter of payment innovation and mobile payment is an integral part of our endeavors. Gemalto has a wealth of experience in NFC and mobile payment deployments worldwide."

Gemalto is a member of ACT Canada; please visit www.gemalto.com.


Available in the ACT Canada Members Only section of our web site. Click on the link below to access this section

If you are a member of ACT Canada but do not have your login details please contact info@actcda.com.

Source: Oberthur Technologies (02/21)

Oberthur Technologies announced successful completion of the MasterCard Certification for the newly released PEARL Secure Element 800k Classic, a state-of-the-art NFC embedded secure element, which can host the most secure NFC payment applications.

The PEARL 800k Classic is the first multi-application embedded secure element, complying with the most advanced Global Platform 2.2 and JavaCard 3.0 specifications. The large-memory embedded secure element is also the first of its kind to be certified by MasterCard with Mobile PayPass M/Chip 4, and enables NFC-based payment application hosting, which typically requires the most stringent security levels.

For complete compatibility with various types of mobile devices, Oberthur Technologies proposes different form factors to fit devices space constraints. "Oberthur Technologies is a historical supplier of secure smart cards that host applications for financial institutions, mobile network operators, transit operators, retailers and governments", said Vincent Guitard, Marketing Director M2M & OEM at Oberthur Technologies. "With PEARL 800k Classic, Oberthur Technologies has developed and industrialized the most advanced and secure large-memory embedded secure element. This additional trusted element in the NFC ecosystem will facilitate the deployment of numerous services while enhancing their security level".

"As a company shaping how commerce is conducted today and tomorrow, we are proud to partner with Oberthur Technologies on new payment solutions," said James Anderson, Group Head, Converged Product Development at MasterCard. "The certification of Pearl 800k Classic is another step forward for MasterCard Mobile PayPass and will allow more consumers to access mobile payment services. It brings speed and reliability required by users, combined with the world class security level expected from MasterCard."

Oberthur is a member of ACT Canada and a Cardware sponsor; please visit www.oberthur.com.

Source: SecureID News (02/26)

Fime has been accredited by EMVCo, the EMV standards body, to verify that a secure element has the required security and functionality to enable an end-user to select their preferred payment application in a contactless environment.

Fime's global test tool now has the capabilities to confirm that the application loaded on a secure element meets the requirements outlined in the EMVCo Application Activation User Interface (AAUI) Proximity Payment System Environment (PPSE) Specification.

This technical standard from EMVCo brings together the various components that make application activation possible within the user interface, defines the interaction with other contactless applications and entities active within the SE and contactless module, as well as specifies the behavior of the PPSE in the mobile device.

FIME is a member of ACT Canada and a Cardware sponsor; please visit www.fime.com.


Available in the ACT Canada Members Only section of our web site. Click on the link below to access this section

If you are a member of ACT Canada but do not have your login details please contact info@actcda.com.

Source: Giesecke & Devrient (02/19)

In the future, cars will increasingly be equipped with emergency call functions or infotainment applications – and these systems rely on the vehicle being connected to the mobile network. Giesecke & Devrient (G&D), together with two German automakers and four international network operators, will be demonstrating at this year's Mobile World Congress (MWC) how network-operator-specific information (subscriber data) can be installed in a tailored, secure way via the mobile network at the time of vehicle delivery and later amended. With "Securing Mobile Life" as its motto, G&D will also be presenting other solutions that make life in the digital world more secure. Taking the example of mobile payment, G&D will be presenting its multi-application NFC SIM card, its interoperable mobile wallet and its TSM service, which enables secure installation of payment applications on cellphones. Further highlights include managed services for the secure roll-out of sensitive smartphone apps and a concept for how to use open cloud-based storage services such as Dropbox in a secure way.

Visitors to the Mobile World Congress (February 25-28, 2013) who come to the G&D booth (hall 6, booth D70) will find a total of eight presentation areas. These will give them a comprehensive overview of the portfolio of products and solutions offered by one of the leading mobile security specialists. G&D is focusing in particular on the following topics:

In the area of Subscription Management/M2M, G&D will be demonstrating the secure remote personalization and activation of embedded SIMs using the company's own SmartTrustAirOn subscription management platform. G&D will also be presenting a series of possible applications for mobile network operators. One example, which G&D will illustrate by way of a feasibility study, shows how a local network operator subscription can be securely loaded onto an embedded SIM in a car's telematics module, personalized, then removed again to be replaced by another.

Secure lifecycle management of NFC applications: In the area of NFC and TSM services, G&D will be showing how service providers can use TSM (Trusted Service Manager) solutions to achieve the highest level of security in transmitting and personalizing NFC applications via the mobile network (over the air, OTA). G&D will also be demonstrating all aspects of NFC payment, from the multi-application NFC SIM card and the SmartTrustPortigo digital wallet to the secure installation of payment applications on cellphones. The digital wallet received the CARTES 2012 payments trade show's SESAMES Award in the e-transactions category.

Management of secure apps: G&D will be presenting a solution for enhanced smartphone app security that helps service providers to develop and launch secure applications designed to run in what is known as a Trusted Execution Environment (TEE). As Trusted Service Manager (TSM), G&D transmits the security-relevant components of security-sensitive smartphone apps in multiple-encrypted form via the mobile network to a protected area of the mobile device's processor, installs the application, and takes on responsibility for managing the entire lifecycle.

Secure cloud storage: G&D will also be presenting a concept for how to combine the flexibility of open storage platforms already on the market, such as Dropbox, with companies' extremely high security requirements. G&D has opted for hardware-based encryption and developed a smartphone and tablet app that overlays existing storage services. To encode the data, the app uses a key that is stored in a secure element such as a SIM card on the mobile device. This ensures all data are encrypted on the device, before they are transferred to the cloud, so that neither the cloud provider nor other unauthorized parties can read the protected data.

Giesecke & Devrient is a member of ACT Canada and a Cardware sponsor; please visit www.gi-de.com.

Source: Digital Transactions (02/04)

Visa Inc. became the latest payments network to offer the U.S. debit industry a solution for the problem of how to route EMV debit transactions in compliance with federal law. The proposal comes after debit networks on Thursday spurned a solution that MasterCard Inc. floated two weeks ago.

Visa also spelled out deadlines for ATM processors to handle EMV transactions and for a liability shift for AMT deployers that don't install EMV-capable machines

Under Visa's proposal, the network will make available what it is calling a "generic, unbranded application identifier [AID]" that will let EMV debit cards comply with the Durbin Amendment's requirement that the cards support at least two unaffiliated networks. The Visa AID, which the network says it is making available to issuers at no charge, will support Visa and non-Visa branded cards as well as transactions routed through the Visa network or a non-Visa network.

Under the Europay-MasterCard-Visa chip card specifications, the AID is a string of characters that identify both the network and the specific type of card, for example credit or debit.

As a proprietary standard, EMV doesn't currently allow for merchant choice of debit network, as mandated by Durbin, which is part of the 2010 Dodd-Frank Act. At the same time, various EMV implementation timetables promulgated by the major card networks require that acquiring processors be capable of handling EMV transactions by April 1.

If adopted by the industry, Visa's solution would create a common AID that would trigger a process by which processors could route transactions to merchants' preferred networks. "This provides issuers with the flexibility to change networks without having to reissue cards," says Stephanie Ericksen, head of authentication product integration at Visa.

Indeed, one of the benefits of Visa's proposal, according to Ericksen, is that card issuers would have the choice of placing both Visa's debit app and AID on their card as well as the common app and AID. "It will not be a requirement that our common AID be adopted," she says.

Visa's proposal differs from MasterCard's in at least one key respect: While MasterCard requires that transactions pass through its switch, Visa has no such requirement. Visa says its common AID will also support both point-of-sale and ATM transactions. Issuers will also have a choice of adopting Visa's common AID and then developing their own AID if they wish, according to Ericksen.

Visa's move comes after U.S. debit networks last month proposed their own common AID and asked both Visa and MasterCard to support it. MasterCard responded by offering to open its proprietary Maestro debit AID to the industry, a solution debit executives rejected because of questions surrounding ownership of the AID and because MasterCard required all transactions to pass through its switch. MasterCard says the latter requirement streamlines EMV certification for processors.

It remains to be seen how debit networks will react to the Visa proposal. For now, some experts contacted by Digital Transactions News are hopeful but are waiting for more details. "The high-level announcement is definitely movement from Visa's position earlier last year," says Paul Tomasofsky, president of the Secure Remote Payment Council, a trade group for debit networks that has spearheaded the effort to create a common AID, in an e-mail message. "The details are most important and will be needed to further understand if this solution meets with the recommended approach of a Common US Debit AID with appropriate governance parity by all debit networks as endorsed by the SRPc. We look forward to learning these details."

Terry Dooley, senior vice president and chief information officer at the Johnston, Iowa-based Shazam Network, anSRPc member, says that while Visa's approach to the common AID appears to be good, many of the details are still unknown. "The no-fee and ATM support as well as taking a more common approach to the AID is good, but many of the details have to emerge," said Dooley.

The omission of details concerning contactless EMV transactions could be especially critical, Dooley says. "With mandate deadlines looming in April to support both contact and contactless transactions, you can't leave the door open on contactless," he says. "The industry really needs to resolve it all at once so there is a clear view of where the industry is heading." Ericksen says that, while Visa's proposal does not address contactless transactions, that point will be discussed going forward.

On the ATM side, Visa set an Oct. 1, 2017, deadline to shift liability for counterfeit-card fraud to the owners of machines that aren't equipped to accept EMV cards. This date is a year later than a similar deadline set by MasterCard in September. Visa will also require ATM processors to be capable of handling EMV transactions by April 1, 2015. "We talked to a lot of the ISOs that drive ATMs and they tell us they are not ready to support EMV at this time," says Ericksen.

Visa is a member of ACT Canada and a Cardware sponsor; please visit www.visa.ca.

Source: Gemalto (02/26)

Gemalto announces that it is providing its Allynis Trusted Service Management (TSM) solution to KDDI, one of the leading mobile network operators in Japan, for the deployment of the world's first commercial NFC airline boarding service. In addition, Gemalto has been delivering its UpTeq NFC high end SIM to KDDI since March 2012. Launched in October 2012, the service will enable quicker and more convenient flight boarding for more than 37 million passengers who fly with Japan Airlines (JAL) each year.

The project aims to boost usage of mobile boarding by providing increased speed and convenience to end users while reducing operational costs. Gemalto's TSM allows KDDI to securely download the JAL application into the SIM, enabling passengers to just tap their mobile phone when required to present their boarding pass. The NFC solution that KDDI has implemented can easily expand using Gemalto's TSM to include additional NFC services and applications such as contactless payments, loyalty programs, transportation and couponing.

"Gemalto's TSM solution was a critical component in developing JAL's NFC boarding service," said Kenichi Bandou, Senior Manager, KDDI. "The level of security it provides ensures continued trust between JAL and our customers. Our touch-and-go mobile ticketing application allows passengers to complete their check-in conveniently and with minimum hassle."

"This service demonstrates the potential of NFC beyond mobile payments and the value that NFC ticketing applications can provide by enhancing passengers' flying experience," said Martin Foo, Vice President of Mobile Financial Services Solutions at Gemalto Asia. "With NFC services leveraging global TSM standards, touch-and-go ticketing can soon be introduced for international flights as well for KDDI subscribers who are abroad with roaming schemes. Airlines can offer a compelling value-add to their passengers, increasing loyalty and reducing operational costs."

Gemalto is a member of ACT Canada and a Cardware sponsor; please visit www.gemalto.com.


Available in the ACT Canada Members Only section of our web site. Click on the link below to access this section

If you are a member of ACT Canada but do not have your login details please contact info@actcda.com.

Source: Oberthur Technologies (02/25)

Oberthur Technologies announced its exclusive collaboration with Smart Catch International, a digital security service provider in Taiwan, for providing Trusted Service Management (TSM) services to Taiwanese mobile operators and service providers.

Oberthur Technologies' complete NFC offer including TSM, NFC SIM cards, mobile applications and more, already boasts several years of extensive research, development, trials and commercial launches. The NFC solutions are already deployed in over 20 countries worldwide with over 30 TSM references. Building on this expertise, Oberthur Technologies will assist Smart Catch International in delivering complete TSM functionalities to Taiwanese mobile operators and services providers, for secure deployment and management of NFC services.

The combination of Smart Catch International's local presence and Oberthur Technologies' NFC expertise worldwide, will enable Taiwanese mobile operators and service providers to launch complete mobile payment offerings rapidly. With a high percentage of Taiwan's 23 million inhabitants already using contactless cards, the emergence of mobile contactless services is fast-approaching.

"We are delighted to establish this partnership with Smart Catch International and are enthusiastic about launching these services. Taiwan is ready for this innovation and we believe that Smart Catch International and Oberthur Technologies have the best positioning to successfully launch and grow the Taiwanese mobile payment market" commented Arnaud de La Chapelle, Managing Director, Solutions Business Unit at Oberthur Technologies.

"With this innovative and commercial cooperation with Oberthur Technologies, we are sure of their TSM solution's secure proven record, mature commercial experience and premium NFC mobile application product. This is exactly in line with Smart Catch International's vision to offer secure and varied colourful mobile applications to our clients including mobile operators, banks, transport and retail service providers. We will leverage Oberthur Technologies' mature solution to serve our clients for a mobile application commercial launch expected in the first semester of 2013." said JEN-TER, CHIEN, CEO of Smart Catch International.

Oberthur is a member of ACT Canada and a Cardware sponsor; please visit www.oberthur.com.

Source: The Register (02/13)

Lenovo, PayPal, Agnitio, Infineon Technologies, NokNok Labs and Validity, have cooked up a new authentication standard for websites and an alliance to push it to the world.

The Fast Identity Online Alliance (aka FIDO), as the group and proposed standard are both known, advances a two-factor authentication scheme capable of working with a variety of tokens including biometrics, password-protected USB sticks and embedded hardware modules. The potential to use multiple tokens means the standard will be usable by one individual on many devices.

The group's idea is that sites adopt FIDO, promote it as a more secure form of login, and then liaise with third-party token issuers to validate logins. Such an arrangement, it is hoped, will prove more secure than simple authentication arrangements and also rather harder for scammers and spear phishers to exploit with fake websites.

A browser plugin is an essential piece of the FIDO plan, as it will handle exchange of information between the token and the FIDO authentication server employed by a FIDO-using site.

How FIDO works. Or will work if anyone signs up.
The USA's National Institute for Standards and Technology has applauded FIDO, with Jeremy Grant, senior executive advisor the Institute's National Strategy for Trusted Identities in Cyberspace (NSTIC) program quoted in its launch press release.

Technical issues, such as persistence of tokens if one replaces or wipes a device, have also been identified and will be sorted out once committees sit down and start thinking about the standard in depth.

That committee's work may will need to consider that being conducted by the folks behind Security Assertion Markup Language and oAuth, two authentication standards FIDO mentions as complementary rather than competitive. Indeed, FIDO hopes to extend the first by offering an authentication process it lacks and improve the second by ensuring logins only happen with users' express permission. The group says it doesn't compete with OpenID, as it has no ambitions to provide federated identity management.

PayPal has an obvious interest in the success of FIDO, as anything that reduces fraud will doubtless be good for its bottom line. Lenovo, too, clearly has an interest given it has in the past promoted face recognition software as an authentication tool and is doubtless keen to point out the utility of fingerprint readers in its devices. As a new entrant to the smartphone market, offering secure and hands-free faceprint authentication won't hurt its prospects as it turns to markets beyond China. The other FIDO participants appear to hope for roles in the background, facilitating authentication with their own services and making a buck along the way.

Infineon Technologies is a member of ACT Canada and a Cardware sponsor; please visit www.infineon.com.


Available in the ACT Canada Members Only section of our web site. Click on the link below to access this section

If you are a member of ACT Canada but do not have your login details please contact info@actcda.com.

 For more than 23 years, ACT Canada has been the internationally recognized authority in the market. As the eyes, ears and voice for stakeholders focused on secure payment, mobile, NFC, loyalty, secure identity, and leveraging EMV, we promote knowledge transfer, thought leadership and networking. We help members protect their interests, advance their causes, build their business and grow the market. We take a neutral and non-partisan approach to all issues, facilitating collaboration among issuers, brands, acquirers, merchants, regulators, solution providers, governments and other stakeholders. Over 50% of our members have been with us for more than 5 years, enjoying ongoing value from their affiliation with ACT Canada. Please visit http://www.actcda.com or contact our office at 1 905 426-6360 x122.

Please forward any comments, suggestions, questions or articles to andrea@actcda.com. If you would like to be removed from our newsletter distribution list please reply to this email with the word "REMOVE" in the subject field. Please note that articles contained in this newsletter have been edited for length, and are for information purposes only.


Andrea McMullen
Vice President, Operations
ACT Canada
tel: 905 426-6360 ext. 124
fax: 905 619-3275
email: andrea@actcda.com
web: www.actcda.com
mail: 85 Mullen Drive, Ajax, ON, L1T 2B3

For more information, please contact Andrea McMullen at 1 905 426-6360 ext 124 or email andrea.mcmullen@actcda.com.

Please forward any comments, suggestions, questions or articles to andrea.mcmullen@actcda.com. Please note that articles contained in this newsletter have been edited for length, and are for information purposes only.